Lucene search
+L
Checkpoint AdvisoriesMost viewed

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2013/12/02 12:0 a.m.•27 views

OP5 welcome Remote Command Execution (CVE-2012-0262)

An arbitrary commands execution vulnerability has been reported in OP5 appliances...

6.9AI score0.72851EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/10/27 12:0 a.m.•27 views

HP Data Protector CRS Opcode 264 Stack Buffer Overflow (CVE-2013-2327)

A stack buffer overflow has been discovered in HP Data Protector...

6.9AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/08 12:0 a.m.•27 views

Microsoft SharePoint Server Parameter Injection (MS13-084; CVE-2013-3895)

An elevation of privilege vulnerability exists in Microsoft SharePoint Server...

6.4AI score0.22627EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/08 12:0 a.m.•27 views

Microsoft .NET Framework OpenType Font Parsing Remote Code Execution (MS13-082; CVE-2013-3128)

A remote code execution vulnerability has been reported in Microsoft .Net Framework...

7.3AI score0.50374EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/25 12:0 a.m.•27 views

IBM Cognos tm1admsd.exe Buffer Overflow (CVE-2012-0202)

Multiple stack-based buffer overflow vulnerabilities have been reported in IBM Cognos TM1 Admin Server...

7.1AI score0.5485EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•27 views

Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)

An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...

6.4AI score0.27538EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•27 views

Microsoft Internet Explorer Memory Corruption (MS13-055; CVE-2013-3145)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7AI score0.25039EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/09 12:0 a.m.•27 views

Microsoft Internet Explorer Memory Corruption (MS13-055; CVE-2013-3146)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7AI score0.23587EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•27 views

Internet Explorer Deleted HTML Object Memory Corruption (MS13-047; CVE-2013-3112)

A use after free vulnerability has been reported in Internet Explorer...

9.3CVSS6.5AI score0.19345EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/06/11 12:0 a.m.•27 views

Preemptive Protection against Microsoft Windows TCP/IP Driver Denial of Service (MS13-049; CVE-2013-3138)

A denial of service vulnerability has been reported in the TCP/IP driver of Microsoft Windows...

6.2AI score0.5937EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/05/16 12:0 a.m.•27 views

Microsoft Office Malformed GIF File Processing Code Execution (MS06-039) - Improved Performance (CVE-2006-0007)

The Microsoft Office is a popular application suite that consists of several independent applications such as Microsoft Word, Microsoft Excel, Microsoft PowerPoint, and others. The suite ships with a set of image processing helper libraries known as graphics filters. The graphics filters are used...

9.3CVSS7.5AI score0.19519EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/05/14 12:0 a.m.•27 views

Internet Explorer CMarkupTransNavContext Use After Free (MS13-037; CVE-2013-1308)

A Code Execution vulnerability exists in Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. When Internet Explorer attempts to access an object in memory that has been deleted, it may corrupt memory in such a way th...

7.2AI score0.209EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/14 12:0 a.m.•27 views

Smart Software Solutions CoDeSys CmpWebServer Content-Length NULL Pointer (CVE-2011-5009)

Denial of service has been reported in Smart Software Solutions CoDeSys CmpWebServer.The vulnerability is due to insufficient validation of incoming HTTP POST requests to TCP port 8080.A remote attacker could exploit this vulnerability by sending a malicious HTTP POST request to the affected...

5CVSS6.2AI score0.10775EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/04/09 12:0 a.m.•27 views

Microsoft Active Directory LDAP Request Memory Consumption (MS13-032; CVE-2013-1282)

A denial of service vulnerability exists in implementations of Active Directory. Successful exploitation could cause the service to stop responding. The vulnerability is caused when the LDAP service fails to handle a specially crafted query. A Remote attacker can exploit this issue via a speciall...

2.8AI score0.27005EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/04/08 12:0 a.m.•27 views

Adobe Photoshop PNG Image Processing Buffer Overflow - Improved Performance (CVE-2012-4170)

A heap buffer overflow vulnerability has been reported in Adobe Photoshop CS6. The vulnerability is due to an error while handling certain chunks within a specially crafted PNG file. A remote attacker can exploit this vulnerability by enticing a user to open a malicious PNG file. Successful...

9.3CVSS7AI score0.1136EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/04/03 12:0 a.m.•27 views

Microsoft HTML Sanitization Cross Site Scripting (MS13-035; CVE-2013-1289)

An elevation of privilege vulnerability exists in the way that HTML strings are sanitized. Successful exploitation could allow an attacker to perform cross-site scripting attacks against affected users, resulting in script execution in the target's security context...

4.3CVSS5.8AI score0.15432EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/19 12:0 a.m.•27 views

Symantec Messaging Gateway Save.do Cross Site Request Forgery - Improved Performance (CVE-2012-0308)

A cross-site request forgery CSRF vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to errors while validating user input. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation would allow...

6.3AI score0.01923EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/03/07 12:0 a.m.•27 views

Internet Explorer OnResize Use After Free Remote Code Execution (MS13-021; CVE-2013-0087)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

7.3AI score0.18477EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/26 12:0 a.m.•27 views

Opera SVG clipPath Use After Free Memory Corruption (CVE-2013-1638)

A use-after-free vulnerability has been reported in Opera web browser. The vulnerability is due to an error while parsing SVG content. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted file with a vulnerable version of Opera...

9.3CVSS6.3AI score0.08036EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/02/19 12:0 a.m.•27 views

Adobe ColdFusion scheduleedit.cfm Authentication Bypass (CVE-2013-0625)

An authentication bypass vulnerability has been reported in ColdFusion servers. The vulnerability is due to enabling unauthenticated attacker to create a scheduled task which will be performed and allow attacker-controlled code to be uploaded to the vulnerable server. A remote attacker could...

6.8CVSS9.4AI score0.93797EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/01/14 12:0 a.m.•27 views

Microsoft Internet Explorer Cloned Object Memory Corruption (MS09-002; CVE-2009-0075)

A vulnerability exists in the way Internet Explorer 7 accesses an object that has been deleted, which can cause memory corruption. In an attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in suc...

6.9AI score0.85277EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2012/05/14 12:0 a.m.•27 views

Novell iPrint Server attributes-natural-language Buffer Overflow (CVE-2011-4194)

A buffer overflow vulnerability has been reported in Novell iPrint Server...

6.9AI score0.02974EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2011/12/06 12:0 a.m.•27 views

Preemptive Protection against Novell GroupWise Internet Agent RRULE Time Conversion Invalid Array Indexing (CVE-2011-2663)

A remote code injection and execution vulnerability has been reported in Novell GroupWise Internet Agent GWIA...

10CVSS7.5AI score0.05394EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2011/08/16 12:0 a.m.•27 views

Black Ice BIImgFrm.ocx ActiveX Code Execution (CVE-2008-2683)

A remote code execution vulnerability has been reported in Black Ice BIImgFrm.ocx. The vulnerability is due to a design flaw in the application which allows uploading of specially crafted files to an affected system. An attacker could exploit this vulnerability by enticing a victim to open a...

9.3CVSS7.6AI score0.34761EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2011/06/14 12:0 a.m.•27 views

Microsoft Excel Series Integer Underflow (MS11-045; CVE-2011-1278)

Microsoft Excel is a popular spreadsheet application. A vulnerability has been identified in Microsoft Excel. When Microsoft Excel validates record information upon opening a specially crafted Excel file, a memory handling error may corrupt system memory in such a way that an attacker could execu...

9.3CVSS6.6AI score0.16968EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2011/06/14 12:0 a.m.•27 views

Internet Explorer DOM Modification Remote Code Execution (MS11-050; CVE-2011-1256)

A remote code execution vulnerability has been reported in the way that Microsoft Internet Explorer accesses an object that has not been correctly initialized or has been deleted. Microsoft Internet Explorer attempts to access an object that has not been initialized or has been deleted, it may...

9.3CVSS7.6AI score0.18647EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2011/06/14 12:0 a.m.•27 views

Internet Explorer Time Element Memory Corruption (MS11-050; CVE-2011-1255)

A remote code execution vulnerability has been reported in the way that Microsoft IE accesses an object that has not been correctly initialized or has been deleted. Microsoft Internet Explorer attempts to access an object that has not been initialized or has been deleted, it may corrupt memory in...

9.3CVSS7.6AI score0.42103EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2011/06/14 12:0 a.m.•27 views

Microsoft Windows OLEAUT32.DLL WMF File Remote Code Excution (MS11-038; CVE-2011-0658)

The vulnerability is caused by the way that OLE Automation parses a specially crafted WMF file. An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site. An attacker who successfully...

9.3CVSS6.1AI score0.21202EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2011/04/12 12:0 a.m.•27 views

Microsoft Office Excel RealTimeData Record Memory Corruption (MS11-021; CVE-2011-0101)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

9.3CVSS6.8AI score0.29971EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2011/03/09 12:0 a.m.•27 views

Novell ZENworks Configuration Management TFTPD Heap Buffer Overflow (CVE-2010-4323)

Novell ZENworks Configuration Management is an IT desktop computer management suite that is based on a client/server architecture. A management server collects and sends data of managed assets by communicating with client applications installed on computers, or via other management protocols. A...

7.5CVSS7.7AI score0.08084EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2011/02/20 12:0 a.m.•27 views

Symantec Alert Management System pagehndl.dll Stack Buffer Overflow (CVE-2010-0110)

Symantec Alert management System 2 AMS2 is a package used by various Symantec solutions such as System Center, AntiVirus Server, and AntiVirus Central Quarantine Server. AMS2 starts multiple services on the system that run with System account privileges, by default. A stack buffer overflow...

7.9CVSS7.5AI score0.0513EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2010/12/08 12:0 a.m.•27 views

Symantec IM Manager rdpageimlogic.aspx Multiple SQL Injections (CVE-2010-0112)

Symantec IM Manager is a software-based proxy to secure, manage, and log IM messages for enterprise and public IM protocols. It provides real-time threat protection against IM viruses, worms, and other types of attacks delivered through IM messages. Symantec IM Manager allows the definition of...

7.5CVSS7.5AI score0.05822EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/11/09 12:0 a.m.•27 views

Microsoft Office Art Drawing Records Code Execution (MS10-087; CVE-2010-3334)

Microsoft Office is an office suite of inter-related desktop applications, servers and services for the Microsoft Windows and Mac OS X operating systems. A remote attacker could exploit this issue via a malformed Office file. Successful exploitation of this vulnerability may allow execution of...

9.3CVSS6.6AI score0.25459EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2010/10/20 12:0 a.m.•27 views

Microsoft Word UPX Data Stack Validation Buffer Overflow (MS10-079; CVE-2010-3214)

Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in the way that Microsoft Word handles stack validation inside a specially crafted Word file. The vulnerability is due to an error in Microsoft Word that fails to properly validate UPX...

9.3CVSS7.1AI score0.24787EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/10/12 12:0 a.m.•27 views

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080; CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

9.3CVSS6.8AI score0.21413EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/10/12 12:0 a.m.•27 views

Microsoft Browser Embedded Media Player Memory Corruption (MS10-082; CVE-2010-2745)

Windows Media Player is a feature of the Windows operating system for personal computers. It is used for playing audio and video. A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in the Windows Media Player that improperly...

9.3CVSS7.1AI score0.24248EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/09/14 12:0 a.m.•27 views

Embedded Base-64 Encoded TTF Files (CVE-2010-2738)

Unicode Script Processor is a Windows component that enables a text layout client to format complex scripts. A remote code execution vulnerability has been reported in the way affected versions of Microsoft Windows incorrectly parse specific font types. A remote attacker could exploit this issue...

9.3CVSS7.2AI score0.18537EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2010/08/29 12:0 a.m.•27 views

Apple QuickTime Streaming Debug Error Logging Buffer Overflow (CVE-2010-1799)

QuickTime is a media player application developed by Apple. It is capable of playing back numerous multimedia file formats from local file system or network servers. One of the media formats supported by Apple QuickTime is SMIL. A stack buffer overflow vulnerability exists in Apple QuickTime medi...

9.3CVSS7.2AI score0.33701EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2010/08/29 12:0 a.m.•27 views

CA BrightStor ARCserve Backup Tape Engine RPC Opcode 207 Buffer Overflow (CVE-2007-0169)

Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...

7.5CVSS7.6AI score0.68809EPSS
Exploits16
Check Point Advisories
Check Point Advisories
•added 2010/08/24 12:0 a.m.•27 views

Adobe Shockwave Player MCsL Parsing Memory Corruption (APSB10-20; CVE-2010-2881)

Adobe Shockwave is a multimedia player that allows Adobe Director applications to be published on the Internet and viewed in a web browser by anyone who has the Shockwave plug-in installed. A memory corruption vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due t...

9.3CVSS6.4AI score0.04321EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/08/10 12:0 a.m.•27 views

Microsoft Silverlight Pointer Handling Memory Corruption (MS10-060; CVE-2010-0019)

Microsoft Silverlight is a cross-browser, cross-platform implementation of the Microsoft .NET Framework for building media experiences and rich interactive applications for the Web. A memory corruption vulnerability has been reported in the way that Microsoft Silverlight handles pointers. To...

9.3CVSS7AI score0.14368EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/08/02 12:0 a.m.•27 views

IBM Lotus Notes WPD Attachment Viewer Buffer Overflow (CVE-2007-5544)

Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over the SMTP, POP, and IMAP protocols. There exist a buffer overflow vulnerability in IBM Lotus Notes WPD viewer. The...

6.2CVSS7.5AI score0.0027EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/06/27 12:0 a.m.•27 views

Oracle Database SQL Compiler Access Control Security Bypass (CVE-2007-3855)

There exists a security bypass vulnerability in the Oracle Database Server product. Specifically, the flaw exists due to improper enforcement of user permissions on data access to tables through certain types of views. A remote authenticated attacker may use this vulnerability to perform UPDATE,...

6.5CVSS5.9AI score0.15815EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2010/05/31 12:0 a.m.•27 views

Microsoft ASP.NET Application Folder Information Disclosure (MS06-033; CVE-2006-1300)

ASP.NET is a technology that provides a programming model and infrastructure for creating dynamic web applications. ASP.NET is part of the Microsoft .NET Framework. ASP.NET is deployed on the Microsoft Internet Information Server, which treats files with the .aspx extension as ASP.NET files and...

5CVSS5.8AI score0.37158EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/05/20 12:0 a.m.•27 views

Microsoft Excel Malformed Filter Records Handling Code Execution (MS07-023; CVE-2007-1214)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

6.8CVSS7.2AI score0.28478EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/04/27 12:0 a.m.•27 views

IBM Lotus Notes WPD Attachment Handling Buffer Overflow (CVE-2008-4564)

Lotus Notes is a client-server collaborative software and email system provided by IBM. The Lotus Notes email client application is capable of communicating with email servers over the SMTP, POP, and IMAP protocols. A stack-based buffer overflow vulnerability exists in the IBM Lotus Notes WPD. Th...

9.3CVSS7.7AI score0.06757EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2010/04/13 12:0 a.m.•27 views

Microsoft SMB Client Message Size Remote Code Execution (MS10-020; CVE-2010-0477)

The SMB Protocol is a network file sharing protocol that is implemented in Microsoft Windows. A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block SMB client implementation. The vulnerability is due to an error in the Microsoft SMB client...

10CVSS7.2AI score0.50186EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2010/03/17 12:0 a.m.•27 views

CA Multiple Products HTTP Request Buffer Overflow (CVE-2005-3190)

The Computer Associates CA BrightStor backup server product line provides facilities for integration with third party software and hardware products to consolidate storage management tasks. CA uses an XML-based interface named iSponsor/iGateway to integrate with storage management applications fr...

7.5CVSS7.7AI score0.65615EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2010/03/11 12:0 a.m.•27 views

QuickTime-Darwin Denial of Service (CVE-2004-0169)

A vulnerability exists in the Quicktime Streaming Server and Darwin Streaming Server that allows remote users to cause a denial of service condition on the server. The vulnerability can be exploited to cause the service to either crash or consume all available processor resources. The...

5CVSS6.1AI score0.03474EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2010/03/01 12:0 a.m.•27 views

Microsoft Windows Graphics Rendering Engine Buffer Overflow (MS04-032; CVE-2004-0209)

The Microsoft Windows Metafile Format WMF is used to store pictures and other graphical renderings as either vector or bitmap-format graphical data. The vector data stored in WMF files is described as Microsoft Windows Graphics Device Interface GDI commands. The WMF format is the original 16-bit...

10CVSS7.3AI score0.62054EPSS
Exploits8
Total number of security vulnerabilities5000