Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/11/10 12:0 a.m.•27 views

PHP Nuke Module htmltonuke php Remote File Inclusion (CVE-2006-0308)

A file inclusion vulnerability has been reported in Htmltonuke. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.2AI score0.02572EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/11/09 12:0 a.m.•27 views

Foxit Reader PDF Files Processing Buffer Overflow (CVE-2009-0837)

There exists a Stack-based buffer overflow in Foxit Reader, which allows remote attackers to execute arbitrary code via a long relative path or absolute path in the filename argument in an action...

10CVSS7.7AI score0.75781EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/10/30 12:0 a.m.•27 views

Microsoft Internet Explorer Resource Information Disclosure (MS14-052; CVE-2013-7331)

An information disclosure vulnerability exists in Internet Explorer. This vulnerability is caused when the XMLDOM ActiveX control allows local resources to be enumerated. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of...

4.3CVSS3.5AI score0.58023EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/10/22 12:0 a.m.•27 views

Apache Camel XSLT Component Java Code Execution (CVE-2014-0003)

A code execution vulnerability has been reported in Apache Camel. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted XML message to the vulnerable server. Successful exploitation could result in the execution of arbitrary Java code...

7.5CVSS5.1AI score0.07352EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/10/14 12:0 a.m.•27 views

Microsoft Internet Explorer Elevation of Privilege (MS14-056; CVE-2014-4123)

An elevation of privilege vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer validates permissions under specific conditions, potentially allowing script to be run with elevated privileges...

6.8CVSS3.6AI score0.40289EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/09/21 12:0 a.m.•27 views

Adobe Acrobat and Reader Sandbox Bypass (APSB14-20; CVE-2014-0568)

A sandbox Security Bypass vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in the sandbox protection mechanism. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file...

10CVSS3.2AI score0.04122EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/09/16 12:0 a.m.•27 views

Attachmate Reflection FTP Client ActiveX GetGlobalSettings Memory Corruption (CVE-2014-0603)

A memory corruption vulnerability has been found in Attachmate Reflection FTP Client. The vulnerability is due to an attempt to dereference user-controllable parameter input. Successful exploitation could lead to arbitrary code execution under the security context of the browser...

10CVSS3.1AI score0.05668EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/08/06 12:0 a.m.•27 views

Apache HTTP Server mod_status Heap Buffer Overflow (CVE-2014-0226)

A heap buffer overflow vulnerability exists in Apache httpd. The vulnerability is due to a race condition in the modstatus module running on a server with threaded MPM.Successful exploit may result in information disclosure or code execution...

6.8CVSS1.3AI score0.85744EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/07/21 12:0 a.m.•27 views

HP SiteScope EmailServlet Information Disclosure (CVE-2014-2614)

An information disclosure vulnerability has been reported in HP SiteScope. The vulnerability is due to a lack of input validation in the EmailServlet servlet when processing HTTP requests. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...

7.5CVSS5.9AI score0.0485EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/06/10 12:0 a.m.•27 views

Microsoft Internet Explorer Memory Corruption (MS14-035: CVE-2014-1800)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.24458EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/18 12:0 a.m.•27 views

Schneider Electric ClearSCADA OPF File Parsing Out of Bounds Array Indexing (CVE-2014-0779)

A code execution vulnerability has been reported in Schneider Electric ClearSCADA. The vulnerability is due improper validation of a length parameter that is used to index an array in the OPF File parsing component. A remote attacker could exploit this vulnerability by enticing the target user to...

4.1AI score0.01487EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/13 12:0 a.m.•27 views

Microsoft Windows SMB Response Handling Buffer Overflow - ver 2 (CVE-2005-0045)

A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block SMB client component. A remote attacker can exploit this vulnerability by sending a specially crafted message to an affected system. Successful exploitation would allow an attacker to take comple...

7.1AI score0.73094EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•27 views

Microsoft Word Smart Tags Code Execution (MS06-027) - Ver2 (CVE-2006-2492)

A code execution vulnerability exists in Microsoft Office Word software. The vulnerability is due to insufficient validation of certain fields related to the Smart Tags in a Word document. An attacker may exploit this vulnerability by enticing a user to open a crafted Word file, which may result ...

7.6CVSS7.1AI score0.48387EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•27 views

Microsoft Office Excel Graphic Object Dereferencing Code Execution - Ver2 (CVE-2011-0977)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly handle dereferencing data structures when parsing a specially crafted Office file that contains graphic objects. Successful exploitatio...

7.3AI score0.32172EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•27 views

Microsoft PowerPoint Converter GuideAtom Record Handling Error (MS09-017) - Ver2 (CVE-2009-0225)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A memory corruption vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafted...

9.3CVSS6.9AI score0.3107EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•27 views

Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.24949EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Microsoft Office RTF File listid Use-After-Free - Ver2 (CVE-2012-2528)

A use-after-free vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a memory handling error while parsing specially crafted RTF Rich Text Format files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

7.1AI score0.22117EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

7.5CVSS6.6AI score0.51684EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Internet Explorer Selection Object Memory Corruption (MS11-050) - Ver2 (CVE-2011-1261)

This is a remote code execution vulnerability. When Internet Explorer attempts to access an object that has not been initialized or has been deleted, it may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user. Successful exploitation of...

9.3CVSS7.6AI score0.16935EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Apple Iphone OS Springboard Application Malformed Character Denial of Service - Ver2 (CVE-2010-1226)

A denial-of-service vulnerability has been reported in Apple Iphone OS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.3AI score0.04995EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Microsoft Access Snapshot Viewer ActiveX Control Arbitrary File Download - Ver2 (CVE-2008-2463)

Microsoft Snapshot Viewer is an application that allows viewing of snapshots created with any version of Microsoft Access. A remote code execution vulnerability has been discovered in the Snapshot Viewer for Microsoft Access. The vulnerability is due to an error in the Snapshot Viewer ActiveX...

6.8CVSS7.3AI score0.59125EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•27 views

Mozilla Firefox JavaScript Function focus Buffer Overflow - Ver2 (CVE-2006-1993)

The Firefox web browser is an application designed for tasks related to browsing the web, such as displaying HTML encoded pages, downloading files, and so forth. The browser application has a built-in JavaScript interpreter which also allows it to use the Document Object Model DOM, in particular ...

5.1CVSS7.1AI score0.51346EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•27 views

Adobe Reader JavaScript spell.customDictionaryOpen Method Memory Corruption - Ver2 (CVE-2009-1493)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. A buffer...

6.8CVSS7.2AI score0.21826EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•27 views

Microsoft Internet Explorer WebViewFolderIcon ActiveX Integer Overflow - Ver2 (CVE-2006-3730)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6AI score0.63817EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•27 views

Microsoft PowerPoint Viewer 2003 Picture Integer Overflow - Ver2 (CVE-2008-0120)

An integer overflow vulnerability has been reported in Microsoft Office PowerPoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.31932EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/02/25 12:0 a.m.•27 views

Cisco WebEx Player ATAS32.DLL Remote Code Execution (CVE-2011-4004)

A remote code execution vulnerability has been reported in Cisco WebEx Player. The vulnerability is due to insufficient validation of some values in record Type 0x1F and Type 0xBB while processing WebEx Recording Format WRF files. A remote unauthenticated attacker can leverage this vulnerability ...

7.2AI score0.03811EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•27 views

PHP POST File Upload Buffer Overflow - Ver2 (CVE-2002-0081)

A buffer overflow vulnerability has been reported in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.24256EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•27 views

Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow - Ver2 (CVE-2002-0965)

A buffer overflow vulnerability has been reported in TNS Listener for Oracle 9i Database Server on Windows systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.6981EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2013/12/02 12:0 a.m.•27 views

OP5 welcome Remote Command Execution (CVE-2012-0262)

An arbitrary commands execution vulnerability has been reported in OP5 appliances...

6.9AI score0.72851EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/10/27 12:0 a.m.•27 views

HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327)

A stack buffer overflow has been discovered in HP Data Protector...

6.9AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/08 12:0 a.m.•27 views

Microsoft SharePoint Server Parameter Injection (MS13-084; CVE-2013-3895)

An elevation of privilege vulnerability exists in Microsoft SharePoint Server...

6.4AI score0.22627EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/08 12:0 a.m.•27 views

Microsoft .NET Framework OpenType Font Parsing Remote Code Execution (MS13-082; CVE-2013-3128)

A remote code execution vulnerability has been reported in Microsoft .Net Framework...

7.3AI score0.50374EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/07 12:0 a.m.•27 views

IBM Lotus Quickr qp2.cab ActiveX Control Integer Overflow (CVE-2013-3026)

A buffer overflow vulnerability exists in IBM Lotus Quickr for Domino. The vulnerability is due to an integer overflow within the qp2.cab ActiveX control. A remote attacker can exploit this vulnerability by enticing a target user to visit a crafted web page using Internet Explorer. Successful...

9.3CVSS7.3AI score0.02898EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/25 12:0 a.m.•27 views

IBM Cognos tm1admsd.exe Buffer Overflow (CVE-2012-0202)

Multiple stack-based buffer overflow vulnerabilities have been reported in IBM Cognos TM1 Admin Server...

7.1AI score0.5485EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•27 views

Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)

An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...

6.4AI score0.27538EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•27 views

Microsoft Windows ICMPv6 Router Advertisement Denial of Service (MS13-065; CVE-2013-3183)

There exists a denial of service vulnerability in Windows TCP/IP stack...

6.2AI score0.80473EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•27 views

Microsoft Internet Explorer Memory Corruption (MS13-055; CVE-2013-3145)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7AI score0.25039EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•27 views

Microsoft Internet Explorer Memory Corruption (MS13-055; CVE-2013-3146)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7AI score0.23587EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•27 views

Internet Explorer Deleted HTML Object Memory Corruption (MS13-047; CVE-2013-3112)

A use after free vulnerability has been reported in Internet Explorer...

9.3CVSS6.5AI score0.19345EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•27 views

Preemptive Protection against Microsoft Windows TCP/IP Driver Denial of Service (MS13-049; CVE-2013-3138)

A denial of service vulnerability has been reported in the TCP/IP driver of Microsoft Windows...

6.2AI score0.5937EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/05/16 12:0 a.m.•27 views

Microsoft Office Malformed GIF File Processing Code Execution (MS06-039) - Improved Performance (CVE-2006-0007)

The Microsoft Office is a popular application suite that consists of several independent applications such as Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and others. The suite ships with a set of image processing helper libraries known as graphics filters. The graphics filters are used...

9.3CVSS7.5AI score0.19519EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/05/14 12:0 a.m.•27 views

Internet Explorer CMarkupTransNavContext Use After Free (MS13-037; CVE-2013-1308)

A Code Execution vulnerability exists in Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. When Internet Explorer attempts to access an object in memory that has been deleted, it may corrupt memory in such a way th...

7.2AI score0.209EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/09 12:0 a.m.•27 views

Microsoft Active Directory LDAP Request Memory Consumption (MS13-032; CVE-2013-1282)

A denial of service vulnerability exists in implementations of Active Directory. Successful exploitation could cause the service to stop responding. The vulnerability is caused when the LDAP service fails to handle a specially crafted query. A Remote attacker can exploit this issue via a speciall...

2.8AI score0.27005EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/08 12:0 a.m.•27 views

Adobe Photoshop PNG Image Processing Buffer Overflow - Improved Performance (CVE-2012-4170)

A heap buffer overflow vulnerability has been reported in Adobe Photoshop CS6. The vulnerability is due to an error while handling certain chunks within a specially crafted PNG file. A remote attacker can exploit this vulnerability by enticing a user to open a malicious PNG file. Successful...

9.3CVSS7AI score0.1136EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/04/03 12:0 a.m.•27 views

Microsoft HTML Sanitization Cross Site Scripting (MS13-035; CVE-2013-1289)

An elevation of privilege vulnerability exists in the way that HTML strings are sanitized. Successful exploitation could allow an attacker to perform cross-site scripting attacks against affected users, resulting in script execution in the target's security context...

4.3CVSS5.8AI score0.15432EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/19 12:0 a.m.•27 views

Symantec Messaging Gateway Save.do Cross Site Request Forgery - Improved Performance (CVE-2012-0308)

A cross-site request forgery CSRF vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to errors while validating user input. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation would allow...

6.3AI score0.01923EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/07 12:0 a.m.•27 views

Internet Explorer OnResize Use After Free Remote Code Execution (MS13-021; CVE-2013-0087)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

7.3AI score0.18477EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/26 12:0 a.m.•27 views

Opera SVG clipPath Use After Free Memory Corruption (CVE-2013-1638)

A use-after-free vulnerability has been reported in Opera web browser. The vulnerability is due to an error while parsing SVG content. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted file with a vulnerable version of Opera...

9.3CVSS6.3AI score0.08036EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/19 12:0 a.m.•27 views

Adobe ColdFusion scheduleedit.cfm Authentication Bypass (CVE-2013-0625)

An authentication bypass vulnerability has been reported in ColdFusion servers. The vulnerability is due to enabling unauthenticated attacker to create a scheduled task which will be performed and allow attacker-controlled code to be uploaded to the vulnerable server. A remote attacker could...

6.8CVSS9.4AI score0.93797EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/01/14 12:0 a.m.•27 views

Microsoft Internet Explorer Cloned Object Memory Corruption (MS09-002; CVE-2009-0075)

A vulnerability exists in the way Internet Explorer 7 accesses an object that has been deleted, which can cause memory corruption. In an attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in suc...

6.9AI score0.85277EPSS
Exploits9
Total number of security vulnerabilities5000