Check Point Firewall-1/VPN-1 Management Station Format String Vulnerability

Check Point Firewall-1/VPN-1 Management Station Format String Vulnerability

Firewall-1/VPN-1 management station contains a format string vulnerability.

The vulnerability is the result of passing client-supplied data to a printf* function as the format string argument.

This vulnerability can only be exploited by a client that is authenticated as an administrator and connected from an authorized IP address.

Administrators with limited privileges (such as read-only) may be able to exploit this vulnerability to gain control over the management station.