What is the severity of CVE-2004-0039?

CVE-2004-0039 has been classified as a high-severity vulnerability due to the potential for remote code execution.

How do I fix CVE-2004-0039?

To mitigate CVE-2004-0039, it is recommended to upgrade to the latest patched version of Check Point Firewall-1.

What types of systems are affected by CVE-2004-0039?

CVE-2004-0039 affects Check Point Firewall-1 NG-AI R54 and R55, as well as the HTTP Security Server included in several NG versions.

What are the consequences of exploiting CVE-2004-0039?

Exploiting CVE-2004-0039 could allow a remote attacker to execute arbitrary code on the affected systems.

How does CVE-2004-0039 allow remote attackers access?

CVE-2004-0039 allows remote attackers access by sending specially crafted HTTP requests that exploit format string vulnerabilities.

Vulnerability/
CVE-2004-0039

critical

CWE

NVD-CWE-Other

11/2/2004

8/8/2024

CVE-2004-0039

First published: Wed Feb 11 2004(Updated: )

Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Check Point FireWall-1

Remedy

http://www.kb.cert.org/vuls/id/790771

Remedy

http://www.securityfocus.com/bid/9581

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0039?
CVE-2004-0039 has been classified as a high-severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2004-0039?
To mitigate CVE-2004-0039, it is recommended to upgrade to the latest patched version of Check Point Firewall-1.
What types of systems are affected by CVE-2004-0039?
CVE-2004-0039 affects Check Point Firewall-1 NG-AI R54 and R55, as well as the HTTP Security Server included in several NG versions.
What are the consequences of exploiting CVE-2004-0039?
Exploiting CVE-2004-0039 could allow a remote attacker to execute arbitrary code on the affected systems.
How does CVE-2004-0039 allow remote attackers access?
CVE-2004-0039 allows remote attackers access by sending specially crafted HTTP requests that exploit format string vulnerabilities.

agent/references
agent/type
agent/remedy
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/checkpoint
canonical/check point firewall-1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.