Check Point FireWall-1 versions 4.1 and Next Generation contain vulnerabilities that allow a remote attacker to execute arbitrary code with elevated privileges.
The vulnerability is due to format string errors in certain components during HTTP traffic parsing. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable firewall. This could allow the attacker to execute arbitrary code on the system or cause established HTTP sessions to be terminated.
Updated software is available.