CVE-2019-8459 (, capsule_docs_standalone_client, endpoint_security_clients, jumbo_hotfix_for_endpoint_security_server, remote_access_clients, smartconsole_for_endpoint_security_server)

Check Point Endpoint Security Client for Windows, with the VPN blade, before version E80.83, starts a process without using quotes in the path. This can cause loading of a previously placed executable with a name similar to the parts of the path, instead of the intended one.

View Full Alert

Related Posts

  • CVE-2019-8458 (capsule_docs, endpoint_security_clients, remote_access_clients)

    Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with…

  • CVE-2019-1903 (security_manager)

    A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information or cause a denial of service (DoS) condition. The vulnerability is due to improper…

  • CVE-2019-1905 (email_security_appliance)

    A vulnerability in the GZIP decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured content filters on the…