Unrated severityNVD Advisory· Published Mar 3, 2004· Updated Apr 16, 2026

CVE-2004-0039

Description

Multiple format string vulnerabilities in HTTP Application Intelligence (AI) component in Check Point Firewall-1 NG-AI R55 and R54, and Check Point Firewall-1 HTTP Security Server included with NG FP1, FP2, and FP3 allows remote attackers to execute arbitrary code via HTTP requests that cause format string specifiers to be used in an error message, as demonstrated using the scheme of a URI.

Affected products

Checkpoint/Firewall 1
cpe:2.3:a:checkpoint:firewall-1:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/790771nvdPatchThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/9581nvdPatchVendor Advisory
www.us-cert.gov/cas/techalerts/TA04-036A.htmlnvdUS Government Resource
marc.infonvd
www.checkpoint.com/techsupport/alerts/security_server.htmlnvd
www.ciac.org/ciac/bulletins/o-072.shtmlnvd
xforce.iss.net/xforce/alerts/id/162nvd
exchange.xforce.ibmcloud.com/vulnerabilities/14149nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.038
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000