Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•3 views

Internet Explorer URLEncoded Characters Information Disclosure - Ver2 (CVE-2002-1186)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS3.2AI score0.19121EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

Interactive Data eSignal Listener Buffer Overflow - Ver2 (CVE-2004-1868)

eSignal is a real-time market data and support tool provided by Interactive Data Corporation. The product supplies financial market data and more for traders over the internet. To facilitate the receipt of incoming data, eSignal opens a local, listening socket on TCP Port 80. There exists a buffe...

7.5CVSS6.5AI score0.06708EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

SAP Internet Transaction Server Information Disclosure - Ver2 (CVE-2003-0747)

An information disclosure vulnerability has been reported in Sap Internet Transaction Server. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

5CVSS5.6AI score0.02839EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•5 views

Microsoft Excel Sheet Name Memory Corruption - Ver2 (CVE-2007-3490)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

7.5CVSS3.8AI score0.36551EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Microsoft HSC URL RemoteCodeExecution (MS04-011) - Ver2 (CVE-2003-0907)

A vulnerability exist in the way Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to run malicious JavaScript code in the security context of "My...

5.1CVSS6.1AI score0.21852EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•6 views

LupperA XMLRPC Propagation Request Code Execution - Ver2 (CVE-2005-1921)

A code execution vulnerability has been reported in Pear XML RPC. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.2AI score0.79071EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•20 views

X97EmbedAn Excel Document Code Execution - Ver2 (CVE-2006-3059)

A code execution vulnerability has been reported in Microsoft Excel Viewer and Microsoft Excel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.4AI score0.41113EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•12 views

Microsoft Windows Vista Contact Gadget Remote Code Execution - Ver2 (CVE-2007-3032)

A code execution vulnerability has been reported in Microsoft Windows Vista. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS5.7AI score0.25165EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•3 views

Mozilla Firefox nsTreeRange Use After Free - Ver2 (CVE-2011-0073)

A use-after-free vulnerability has been reported in Mozilla Firefox. The vulnerability is due to an error while handling user-defined functions in JavaScript JS files. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page using an affected version...

10CVSS3.4AI score0.70005EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Alcatel OmniPCX Office FastJSDatacgi id2 Parameter Command Execution - Ver2 (CVE-2008-1331)

A command execution vulnerability has been reported in Alcatel-Lucent OmniPCX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS7.3AI score0.08778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•7 views

Microsoft Office BMP Header biClrUsed Integer Overflow (MS09-062) - Ver2 (CVE-2009-2518)

Microsoft Office is a popular productivity application suite released by Microsoft Corporation. It includes a word processor, a spreadsheet application, a presentation editor, and a number of other applications and components. The Office Document files used by these applications contain a common...

9.3CVSS7.1AI score0.22608EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•8 views

Internet Explorer HTML Tag Memory Corruption (MS06-013) - Ver2 (CVE-2006-1188)

Microsoft Internet Explorer IE is the most widely used web browser application today. The browser is capable of processing HTML, scripting languages, and interpretation of various other popular Internet specifications. There are numerous versions of the HTML standard that are interpreted by the...

7.5CVSS7.3AI score0.57234EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•7 views

Voodoo Chat index.php file_path Parameter PHP Code Execution - Ver2 (CVE-2006-3991)

A code execution vulnerability has been reported in Voc-project Voodoo Chat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.8AI score0.0249EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•12 views

Internet Explorer Malformed GIF File Double Free (MS04-025) - Ver2 (CVE-2003-1048)

The Graphics Interchange Format GIF defines a file format intended for the on-line transmission and interchange of raster graphic data. It uses the LZW compression algorithm to minimize file sizes. A double free vulnerability exists in the way Microsoft Internet Explorer handles images of the GIF...

10CVSS7.1AI score0.26628EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•27 views

Apple Quicktime MJPEG Frame stsd Atom Heap Overflow - Ver2 (CVE-2013-1020)

A buffer overflow vulnerability has been reported in Apple Quicktime. The vulnerability is due to improper processing of mjpeg movies with an improper jpeg frame size in the stsd atom. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

9.3CVSS7.5AI score0.03335EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•13 views

Microsoft Excel Sheet Object Type Confusion (MS10-017) - Ver2 (CVE-2010-0258)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

9.3CVSS3AI score0.6095EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Microsoft Winhlp32 Compressed Phrase Buffer Overflow attack - Ver2 (CVE-2004-1306)

A buffer overflow vulnerability has been reported in Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows NT and Microsoft Windows Server 2003. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

5.1CVSS4.3AI score0.34537EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Oracle HTTP Server Cross-Site Scripting - Ver2 (CVE-2004-2115)

A cross-site scripting vulnerability has been reported in Oracle HTTP Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

6.8CVSS3AI score0.58352EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•13 views

Microsoft HSC URL Remote Code Execution (MS04-015) - Ver2 (CVE-2004-0199)

A vulnerability exists in the way Microsoft Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to download and execute malicious programs on a...

5.1CVSS0.1AI score0.26133EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•5 views

Mozilla Firefox Proxy Prototype Remote Code Execution (CVE-2014-8636)

A remote code execution vulnerability has been detected in Mozilla Firefox. A remote attacker may exploit this vulnerability by enticing users to open a specially crafted web-page. Successful exploitation would allow an attacker to execute arbitrary code in the user's security context...

7.5CVSS6.7AI score0.65657EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•18 views

VS News System show_news_inc.php newsordner Parameter PHP Code Execution - Ver2 (CVE-2007-1017)

A code execution vulnerability has been reported in Virtualsystem Vs-news-system. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS5.3AI score0.04136EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•5 views

Adobe Reader and Acrobat File Extension Buffer Overflow - Ver2 (CVE-2004-0632)

A buffer overflow vulnerability has been reported in Adobe Acrobat and Adobe Acrobat Reader. The vulnerability is due to improper handling of file name extensions. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

7.5CVSS3.8AI score0.07237EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•8 views

Microsoft HSC URL RemoteCodeExecution (MS04-011) - Ver2 (CVE-2003-0907)

A vulnerability exist in the way Help and Support Center HSC validates URLs with the scheme hcp://. There is a vulnerability in the way the Microsoft Help and Support Center processes URL strings. The vulnerability could be exploited to run malicious JavaScript code in the security context of "My...

5.1CVSS6.1AI score0.21852EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•14 views

Joomla index.php Multiple Parameter XSS - Ver2 (CVE-2011-2710)

A cross-site scripting vulnerability has been reported in Joomla. The vulnerability is due to the script not validating input appended to the URL or passed via the 'searchword', 'extension', 'asset', 'author' parameters upon submission to the index.php script. Successful exploitation of this...

4.3CVSS5.8AI score0.01264EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•31 views

Oracle Database Client System Analyzer Arbitrary File Upload Code Execution - Ver2 (CVE-2010-3600)

A code execution vulnerability has been reported in Oracle Enterprise Manager Grid Control and Oracle Database Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.4AI score0.76694EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•6 views

Microsoft Word RTF listoverridecount Memory Corruption - Ver2 (CVE-2014-1761)

A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper handling of structures when parsing a specially crafted RTF document. An attacker could exploit this vulnerability by enticing the target user to open a specially crafted RTF file. Successf...

9.3CVSS3.9AI score0.77734EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•11 views

TheWebForum register.php www Parameter XSS - Ver2 (CVE-2006-0134)

A cross-site scripting vulnerability has been reported in TheWebForum. The vulnerability is due to the application not validating the 'www' variable upon submission to the 'register.php' script. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web...

4.3CVSS4.2AI score0.01784EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

Mozilla Firefox mozgrid Modification Denial of Service - Ver2 (CVE-2006-1738)

A denial-of-service vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird, Mozilla SeaMonkey and Mozilla Suite. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS4.2AI score0.04377EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•17 views

Microsoft Excel Cell Length Buffer Overflow (MS04-033) - Ver2 (CVE-2004-0846)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available in several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

7.5CVSS2.1AI score0.28348EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•5 views

Adobe Reader JavaScript printSeps Function Heap Corruption (APSB10-28) - Ver2 (CVE-2010-4091)

Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. A heap corruption vulnerability exits in the way Adobe Acrobat and Reader handle specially craft...

9.3CVSS7AI score0.18519EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

CHETCPASSWD System Shadow File Disclosure - Ver2 (CVE-2002-2219)

An information disclosure vulnerability has been reported in CHETCPASSWD. The vulnerability may potentially cause the tail end of the local shadow file to be disclosed to a remote attacker...

7.5CVSS2.6AI score0.06043EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•7 views

HPUX LPD Metacharacter Command Execution - Ver2 (CVE-2005-3277)

A command execution vulnerability has been reported in HP-UX family of operating systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5AI score0.19425EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•3 views

Drupal Core XML-RPC Endpoint xmlrpc.php Internal Entity Expansion Denial of Service - Ver2 (CVE-2014-5265)

A denial of service vulnerability has been reported in Drupal Core. This can cause a very high CPU load and memory exhaustion. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service on the vulnerable system...

5CVSS3AI score0.03089EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•11 views

Microsoft Windows Schannel Remote Code Execution - Ver2 (CVE-2014-6321)

A code execution vulnerability has been reported in Secure Channel Schannel security package. An attacker could exploit this vulnerability by sending specially crafted packets to a Windows server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...

10CVSS7.3AI score0.95988EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•1 views

Mozilla Firefox Floating Layer Column Layout Denial of Service - Ver2 (CVE-2007-0775)

A denial-of-service vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

3.7CVSS4.3AI score0.0114EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

Adobe Reader JPEG2000 Region of Interest Memory Corruption (APSB10-02) - Ver2 (CVE-2009-3955)

Portable Document Format PDF is an open file format created by Adobe Systems. A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to the way Adobe Reader and Acrobat parse a PDF file containing a malformed Jp2c stream of a JpxDecode encoded da...

10CVSS7AI score0.15809EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•6 views

MySQL and MariaDB Incorrect Cast Policy Bypass - Ver2 (CVE-2012-2122)

An incorrect cast has been reported in MySQL and MariaDB. The vulnerability is due to the reliance on memcpy returning a value between -128 and 127. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly trying to connect to the affected database service...

5.1CVSS3.4AI score0.96188EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•7 views

Microsoft Windows 2000 Domain Authentication Bypass attack - Ver2 (CVE-2004-0540)

An authentication bypass vulnerability has been reported in Microsoft Windows 2000. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...

10CVSS6.2AI score0.04844EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•5 views

Check Point Firewall-1 HTTP Parsing Format String Code Execution - Ver2 (CVE-2004-0039)

A code execution vulnerability has been reported in Checkpoint Firewall-1. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.6AI score0.09314EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•15 views

BitDefender Antivirus Logging Function Format String - Ver2 (CVE-2005-3154)

The SOFTWIN BitDefender Antivirus AV product is an anti-virus scanner capable of on-demand as well as email scanning operations. The AV scanner logs by default all results of scans that it performs on the host machine. The logs include positive as well negative virus pattern matches. There exists...

7.5CVSS1.1AI score0.03548EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•1 views

Mozilla Firefox XSL Transformation Memory Corruption - Ver2 (CVE-2009-1169)

Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs on the Windows,...

9.3CVSS9.6AI score0.10464EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•13 views

Internet Explorer HTML Help Remote Code Execution (MS05-001) - Ver2 (CVE-2004-1043)

Microsoft Internet Explorer executes with the concept of security zones, which enables the browser to apply different security policies based on the origin of the file that is being rendered. For instance, separate restrictions may be set for remote content and for local content. As a rule,...

5CVSS1AI score0.44984EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Wireshark SigComp UDVM Dissector Remote Code Execution - Ver2 (CVE-2010-2287)

A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to incorrect implementation of the SigComp UDVM Dissector. An attacker can exploit this issue by sending a malicious sigComp traffic in the internet...

8.3CVSS4.3AI score0.00812EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

Adobe Flash Player Use After Free Remote Code Execution (APSB15-05: CVE-2015-0342)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially craft...

10CVSS3.4AI score0.06744EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB15-05: CVE-2015-0335)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.05307EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•3 views

CVSTrac FileDiff v2 Parameter Command Execution - Ver2 (CVE-2004-1456)

A command execution vulnerability has been reported in CVSTrac. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS7.3AI score0.13991EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•6 views

AlienVault OSSIM av-centerd Util.pm remote_task Arbitrary Command Execution - Ver2 (CVE-2014-5210)

The vulnerability is due to a failure to safely sanitize remotetask SOAP requests within Util.pm. this vulnerability can be exploit by sending crafted requests to the affected service. Successful exploitation could result in arbitrary command execution with root privileges...

10CVSS6.6AI score0.14917EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•15 views

Microsoft Windows Vista Feed Headlines Gadget Code Execution (MS07-048) - Ver2 (CVE-2007-3033)

Gadgets are mini applications with a variety of possible uses. They can connect to web services to deliver business data, weather information, news updates, traffic maps, Internet radio streams, and even slide shows of on-line photo albums. Windows Vista is shipped with a set of gadgets, includin...

4.3CVSS3.5AI score0.28367EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•2 views

Mozilla Firefox SVG pathSegListgetItem Negative Argument Memory Corruption - Ver2 (CVE-2007-2867)

A memory corruption vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS4.8AI score0.03407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/03/26 12:0 a.m.•10 views

Microsoft XML Signature HMAC Truncation Bypass (MS10-041) - Ver2 (CVE-2009-0217)

The Microsoft .NET Framework is a component of the Microsoft Windows operating system that enables building and running software applications and Web services. A tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without...

5CVSS1.8AI score0.06348EPSS
Exploits0
Total number of security vulnerabilities13538