Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•10 views

Microsoft Graphics Filters CGM Image Converter Buffer Overrun (MS10-105) - Ver2 (CVE-2010-3945)

Computer Graphics Metafile CGM is a free and open international standard file format for 2D vector graphics, raster graphics, and text. A remote code execution vulnerability has been discovered in the way that Microsoft Office allocates buffer size when handling CGM image files. The vulnerability...

9.3CVSS7.2AI score0.25106EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•30 views

Sielco Sistemi Winlog Buffer Overflow - Ver2 (CVE-2012-3815)

A stack-based buffer overflow vulnerability has been reported in Sielco Sistemi Winlog. The vulnerability is due to insufficient sanitation of TCP requests. A remote attacker can exploit this issue by sending a specially crafted TCP request to the affected server. Successful exploitation would...

9.3CVSS7.6AI score0.4434EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•6 views

Microsoft Internet Explorer MSHTML Uninitialized Memory Corruption (MS10-071) - Ver2 (CVE-2010-3331)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted when a document in an HTML format is opened in Microsoft Word. To trigger this issue, ...

9.3CVSS7AI score0.25422EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•23 views

HP OpenView Network Node Manager Accept-Language Buffer Overflow - Ver2 (CVE-2009-4179)

A stack buffer overflow exists in HP OpenView Network Node Manager NNM CGI program ovalarm.exe. The vulnerability is due to a boundary error when processing the Accept-Language HTTP header and the OvAcceptLang cookie value in a crafted HTTP request. A remote unauthenticated attacker can exploit...

10CVSS1.9AI score0.66973EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•10 views

VLC Media Player XSPF Playlist Integer Overflow - Ver2 (CVE-2011-2194)

An integer overflow vulnerability has been reported in VideoLAN VLC Media Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.8AI score0.09181EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•27 views

Microsoft Visual Studio WMI Object Code Execution (MS06-073) - Ver2 (CVE-2006-4704)

A remote code execution vulnerability exists in Microsoft Visual Studio 2005. Microsoft Visual Studio is a software development product for computer programmers. It centers on an integrated development environment which lets programmers create standalone applications, web sites, web applications,...

6.8CVSS7.4AI score0.42846EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•6 views

Adobe Acrobat And Reader Heap-based memory corruption (APSB15-10: CVE-2015-3051)

A Heap based memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error occurring when a font object containing a negative value being passed to callother operator, causing an integer overflow. A remote attacker can exploit this vulnerability by...

10CVSS6.9AI score0.12208EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•35 views

Microsoft XML Core Services Remote Code Execution (KB2719615) - Ver2 (CVE-2012-1889)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is caused due to a memory corruption when XML core Services attempts to access an object in memory that has not been initialized. A remote attacker may exploit this vulnerability by enticing ...

9.3CVSS7.6AI score0.83638EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•8 views

Oracle Java Runtime Environment ShortComponentRaster.verify Memory Corruption - Ver2 (CVE-2013-2472)

A memory corruption vulnerability exists in Oracle's Java Runtime. The vulnerability is due to insufficient input validation on ShortComponentRaster.verify method parameters which will lead to bypassing of "dataOffsets0" boundary checks when the "numDataElements" field is 0. A remote attacker can...

10CVSS3.1AI score0.22988EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•28 views

VMware OVF Tool Format String - Ver2 (CVE-2012-3569)

A format string vulnerability has been reported in VMware OVF Tool.The vulnerability is caused by insufficient sanitization when processing OVF files.A remote attacker can exploit this vulnerability to execute arbitrary code in the security context of the current user...

9.3CVSS7.2AI score0.47719EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•36 views

ISS ICQ Parsing - Ver2 (CVE-2004-0362)

There is a vulnerability within several ISS security products, including BlackICE, RealSecure, and Proventia, in the way they parse the ICQ messaging protocol. An attacker, exploiting this vulnerability, can cause a buffer overflow, resulting in the termination of a service or execution of...

7.5CVSS2.4AI score0.7333EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•24 views

HP Intelligent Management Center img Buffer Overflow - Ver2 (CVE-2011-1848)

HP Intelligent Management Center IMC is a stand-alone, comprehensive management platform developed by HP that delivers integrated and modular network management capabilities. IMC Enterprise Edition is designed on a service-oriented architecture SOA using a business application flow model as the...

10CVSS2.5AI score0.12855EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•15 views

Microsoft Internet Explorer Deleted Object Code Execution (MS13-037) - Ver2 (CVE-2013-1312)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.20643EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•16 views

MySQL Malformed Password Authentication - Ver2 (CVE-2004-0627)

MySQL is an open-source implementation of a relational database management system. MySQL supports the SQL Structured Query Language database query language. The database product allows remote network connections from client applications over the proprietary MySQL network protocol in addition to...

10CVSS7.1AI score0.69647EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•29 views

Ca eTrust PestPatrol Antispyware ActiveX Buffer Overflow106 - Ver2 (CVE-2009-4225)

A buffer overflow vulnerability has been reported in Ca Etrust Pestpatrole Ppctl.dll Activex and Computer Associates eTrust PestPatrol. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS5.5AI score0.30619EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•57 views

Microsoft Windows Media Player MIDI Code Execution (MS12-004) - Ver2 (CVE-2012-0003)

A remote code execution vulnerability has been reported in Windows Media Player. The vulnerability is due to an error in Windows Media Player while handling specially crafted MIDI files. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted MIDI fi...

9.3CVSS7.2AI score0.69499EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2015/05/18 12:0 a.m.•14 views

Microsoft Windows AVI File Data Validation Integer Overflow (MS09-038) - Ver2 (CVE-2009-1546)

Audio Video Interleave AVI is a special case of Resource Interchange File Format RIFF.This file type used with applications that capture, edit, and play back audio-video sequences. The vulnerability is due to an error in the Windows component responsible for processing AVI files that does not...

8.5CVSS7.2AI score0.22464EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•7 views

Adobe Acrobat and Reader Null Pointer Dereference Denial of Service (APSB15-10: CVE-2015-3047)

A denial of service vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to a null pointer dereference. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file...

5CVSS6AI score0.09084EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•3 views

Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2015-3048)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while creating a new broker process for the IE EPM sandbox. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

10CVSS6.6AI score0.13637EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•4 views

Adobe Flash Player Type Confusion (APSB15-09: CVE-2015-3077)

A type confusion vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an...

10CVSS3.1AI score0.14642EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•6 views

Adobe Reader Memory Corruption (APSB15-10: CVE-2015-3046)

Adobe Reader is vulnerable to a memory corruption while parsing data from a PRC stream. A remote attacker could exploit this vulnerability by enticing a victim to open a specially crafted PDF file, which could result in remote code execution with security privileges of the current user...

10CVSS7.2AI score0.12208EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•9 views

Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2014-9160)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS6.6AI score0.10734EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•8 views

Adobe Reader and Acrobat Memory Corruption (APSB15-10: CVE-2014-9161)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

9.3CVSS6.4AI score0.04051EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/17 12:0 a.m.•41 views

Weak SSL RC4 Cipher Suites (CVE-2013-2566; CVE-2015-2808)

RC4 is a widely supported stream cipher, often preferred by TLS servers and other servers using encrypted sessions. It has long been known to have a variety of cryptographic weaknesses. Recent cryptanalysis results, one of which is the "Bar Mitzvah attack", exploit biases in the RC4 keystream to...

5CVSS1.8AI score0.84424EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/14 12:0 a.m.•5 views

OpenSSL Invalid PSS Parameters Denial of Service (CVE-2015-0208)

A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference when an OpenSSL application receives and processes a crafted certificate containing invalid RSA PSS parameters. A remote, unauthenticated attacker can exploit this vulnerability by sending ...

4.3CVSS4.2AI score0.33482EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/13 12:0 a.m.•2 views

MIT Kerberos 5 recvauth Denial Of Service (CVE-2014-5355)

A denial of service vulnerability exists in MIT Kerberos 5. The vulnerability occurs when recvauthcommon calls krb5readmessage to receive and process a crafted message causing it to return an invalid string that later causes a NULL pointer dereference or an attempt to read beyond the end of a...

5CVSS3.6AI score0.04587EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/13 12:0 a.m.•7 views

OpenSSL DHE Client Key Exchange Denial of Service (CVE-2015-1787)

A denial of service vulnerability exists in OpenSSL. The vulnerability is due to a null pointer dereference that occurs when an OpenSSL application receives and processes a Client Certificate and a crafted Client Key Exchange handshake message.A remote, unauthenticated attacker can exploit this...

2.6CVSS2.1AI score0.07352EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•4 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1698)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.17767EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•4 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1710)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•3 views

Microsoft Internet Explorer Clipboard Information Disclosure (MS15-043: CVE-2015-1692)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer, The vulnerability is due to an improper restriction of access to the clipboard of a user who visits a website. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page...

4.3CVSS5.7AI score0.35623EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•1 views

MacKeeper Remote Code Execution

A remote code execution has been reported in MacKeeper. By enticing the user to visit a specially crafted URL, a remote attacker could run arbitrary code on the victim's computer...

5.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•5 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1697)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.17767EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1675)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.14217EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1686)

A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to JScript and VBScript engines not using Address Space Layout Randomization ASLR security feature when rendered in Internet Explorer. A remote attacker can exploit this issue by...

4.3CVSS6.2AI score0.16265EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•8 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1695)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.14217EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1712)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.26881EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•3 views

Microsoft Internet Explorer ASLR Bypass (MS15-043: CVE-2015-1685)

A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to improper implementation of the Address Space Layout Randomization ASLR security feature. A remote attacker can exploit this issue by enticing a user to open a specially crafted...

4.3CVSS6.2AI score0.16635EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1714)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.26881EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1709)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1691)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1658)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.15789EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1706)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS4.1AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•5 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1711)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer which could result in remote code execution. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...

9.3CVSS5.6AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1689)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.1AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•8 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1696)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.17767EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•14 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1705)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.15631EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•7 views

Microsoft Windows Journal Remote Code Execution (MS15-045: CVE-2015-1699)

A remote code execution vulnerability has been reported in Microsoft Windows Journal. The vulnerability is due to the way Windows Journal processes specially crafted jnt files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted jnt file...

9.3CVSS3.9AI score0.14217EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Management Console File Format Denial of Service (MS15-054; CVE-2015-1681)

A denial of service vulnerability has been reported in Microsoft Management Console. The vulnerability exists when Windows attempts to access a specially crafted .msc file to retrieve the icon information, and then fails to properly validate a destination buffer. A remote attacker can exploit thi...

1.9CVSS6AI score0.01685EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•14 views

Microsoft Office Memory Corruption (MS15-046: CVE-2015-1682)

A remote code execution vulnerability exists in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office improperly handles objects in memory while parsing specially crafted files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

9.3CVSS6.9AI score0.20534EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/05/12 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS15-043: CVE-2015-1718)

A use-after-free vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.1AI score0.15631EPSS
Exploits0
Total number of security vulnerabilities13538