Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2015/01/11 12:0 a.m.•4 views

Adobe Acrobat And Reader Use-After-Free (APSB14-28: CVE-2014-8455)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

10CVSS6.1AI score0.08454EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/11 12:0 a.m.•9 views

Adobe Reader Memory Corruption (APSB14-28: CVE-2014-8460) - ver 2

Adobe Reader is vulnerable to a buffer overflow while parsing the font data. The access violation occurs because the number of subroutines for the embedded font is larger than the size of the subroutine array which leads to a crash...

10CVSS6.8AI score0.09712EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/11 12:0 a.m.•2 views

Morfeus Security Scanner

Morfeus is a vulnerability scanning product. Remote attackers can use Morfeus to detect vulnerabilities on a target server...

3.5AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/11 12:0 a.m.•4 views

Adobe Flash Player Use After Free Code Execution (APSB14-27: CVE-2014-8443)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error while loading specially crafted SWF files. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file...

10CVSS3.5AI score0.04701EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/08 12:0 a.m.•0 views

Web Clients Cookie Arbitrary Website Redirection

An unsolicited redirection vulnerability has been reported. The vulnerability is due to a design flaw which allows attackers to redirect users to arbitrary websites...

5.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/08 12:0 a.m.•2 views

Adobe Acrobat And Reader Use-After-Free (APSB14-28: CVE-2014-9165)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file. Successful exploitatio...

10CVSS6.9AI score0.08454EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/08 12:0 a.m.•7 views

Adobe Flash Player Improper File Validation (APSB15-01: CVE-2015-0301)

An improper file validation issue has been reported in Adobe Flash Player. The vulnerability occurs when the Flash Broker application allows malicious dlls or exes files to be written to one of the whitelisted directories. such a malicious dll dropped in these directories could be used to deliver...

10CVSS2.9AI score0.05166EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/08 12:0 a.m.•3 views

GD Graphics Library PNG Buffer Overflow (CVE-2004-0941)

There is a vulnerability in the way GD Graphics Library parses PNG image files. A malicious file with specially crafted fields can trigger a heap-based buffer overflow. An attacker can exploit this vulnerability to create a denial of service condition or execute arbitrary code...

10CVSS6.5AI score0.10693EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/08 12:0 a.m.•16 views

Microsoft Windows Media Player ASX Playlist Parsing Buffer Overflow - ver 2 (CVE-2006-6134)

A buffer overflow vulnerability has been reported in Microsoft Windows Media Player. The vulnerability is due to a buffer overflow error when processing malformed ASX file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS6.5AI score0.41285EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2015/01/07 12:0 a.m.•1 views

Multiple Web Servers Archived Link Information Disclosure

An information disclosure vulnerability has been reported in some Linux servers. By uploading a specially crafted compressed archive file a remote attacker may leverage this vulnerability to gain access to sensitive information. Successful exploitation will allow the attacker to gain access to...

3.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/07 12:0 a.m.•6 views

Adobe Reader Javascript API Information Disclosure (APSB14-28: CVE-2014-8448)

An information disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an error in the way Adobe Reader handles specially crafted PDF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

5CVSS5.7AI score0.094EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/07 12:0 a.m.•3 views

OpenSSL Ephemeral ECDH Cipher Suite Handshake Downgrade (CVE-2014-3572)

A vulnerability has been detected in the way OpenSSL handles TLS handshakes involving certain cipher suites. An attacker might leverage this vulnerability to impersonate a server and intercept secure communications...

5CVSS2.7AI score0.06574EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/07 12:0 a.m.•28 views

Netscape NSS Library Record Parsing Buffer Overflow (CVE-2004-0826)

A vulnerability exists in Netscape Network Security Services NSS library's SSLv2 message parsing routines...

7.5CVSS6.3AI score0.22525EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2015/01/06 12:0 a.m.•8 views

WordPress VideoWhisper Live Streaming Integration Plugin Unrestricted File Upload (CVE-2014-1905)

An unauthorized file upload vulnerability has been reported in VideoWhisper Live Streaming Integration plugin for WordPress. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could...

10CVSS5AI score0.1036EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2015/01/05 12:0 a.m.•0 views

Magnitude Exploit Kit Landing Page

Magnitude exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Magnitude exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/04 12:0 a.m.•0 views

Astrum Exploit Kit Landing Page

Astrum exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Astrum exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...

5.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•2 views

Gondad Exploit Kit Landing Page

Gondad exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Gondad exploit kit by enticing them to visit a malicious web page. Successful infection will compromise the security of all data on the victim's...

4.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•1 views

Angler Exploit Kit Landing Page - Ver 2

Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...

5.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•1 views

Sweet Orange Exploit Kit Landing Page

Sweet Orange exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Sweet Orange exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code...

5.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•3 views

Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX Control Buffer Overflow (CVE-2008-0955)

A remote code execution vulnerability has been reported inCreative Software AutoUpdate Engine. The vulnerability is due to boundary errors within the AutoUpdate Engine ActiveX control CTSUEng.ocx. A remote attacker can exploit this vulnerability by enticing a user to open a malicious web page...

9.3CVSS7.3AI score0.41231EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•1 views

Angler Exploit Kit Landing Page

Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...

5.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2015/01/01 12:0 a.m.•3 views

Angler Exploit Kit Landing Page URL

Angler exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with Angler exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution o...

5.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/31 12:0 a.m.•2 views

Wordpress Ajax Store Locator Arbitrary File Download

An arbitrary file download vulnerability exists in Wordpress Ajax Store Locator. The vulnerability is due to a parameter arriving from user input, which is not properly sanitized. A remote attacker might gain access to arbitrary files using a specially crafted request...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/31 12:0 a.m.•4 views

Adobe Flash Player Memory Corruption (APSB14-27: CVE-2014-0587)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS4.4AI score0.04528EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/31 12:0 a.m.•8 views

WordPress Symposium Plugin Unauthenticated Shell Upload (CVE-2014-10021)

WordPress Symposium plugin allows user to upload files without proper validation of file type. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...

7.5CVSS2.9AI score0.59968EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/31 12:0 a.m.•16 views

ManageEngine NetFlow Analyzer And IT360 Multiple servlets Arbitrary File Download (CVE-2014-5445)

An arbitrary file download vulnerability exists in ManageEngine Netflow Analyzer and IT360. The vulnerability is due to lack of authentication and insufficient input validation of the schFilePath parameter sent to servlets in HTTP requests. A remote unauthenticated attacker can download arbitrary...

5CVSS1.1AI score0.98165EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/12/29 12:0 a.m.•1 views

ActualScripts ActualAnalyzer Cookie Command Execution

A command execution vulnerability exists in ActualAnalyzer. The vulnerability is due to insufficient input validation when handling cookie values. A remote unauthenticated attacker can exploit this vulnerability by sending an HTTP request with a crafted cookie value. Successful exploitation could...

2.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/29 12:0 a.m.•5 views

Adobe Flash Player Memory Corruption (APSB14-24: CVE-2014-8441)

A memory corruption vulnerability has been reported in Adobe Flash Player. Successful exploitation of this vulnerability may allow the attacker to access unmapped memory on the target system...

10CVSS3AI score0.06276EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/29 12:0 a.m.•11 views

Advantech WebAccess SCADA webeye.ocx ip_address Parameter Buffer Overflow - ver 2 (CVE-2014-8388)

A stack buffer overflow exists in Advantech's WebAccess SCADA software. The vulnerability is due to insufficient input validation of the ipaddress parameter contained in the webeye.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this...

7.2CVSS7.2AI score0.01051EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/29 12:0 a.m.•24 views

Advantech ADAMView Display Properties Parameter Remote Code Execution (CVE-2014-8386)

A remote code execution vulnerability has been reported in Advantech ADAMView. The vulnerability is due to insufficient validation of display properties from a file. A remote attacker can exploit this vulnerability by enticing a user to download and process a maliciously crafted file...

7.5CVSS4.1AI score0.05921EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/12/29 12:0 a.m.•3 views

Adobe Acrobat and Reader Stack Buffer Overflow (APSB13-02: CVE-2013-0610)

A stack overflow vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to an error in Adobe Acrobat and Reader while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

10CVSS6.1AI score0.09552EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Peercast URL Format String Exploit Code Execution - Ver2 (CVE-2005-1806)

A code execution vulnerability has been reported in Peercast. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5AI score0.11939EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

Wireshark ENTTEC DMX Data Buffer Overflow - Ver2 (CVE-2010-4538)

A buffer overflow vulnerability has been reported in Wireshark. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS5.1AI score0.28983EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•1 views

Php libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1688)

A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter to scripts in the lib directory including ase.php, devi.php, doom3.php, et.php, flashpoint.php, gameSpy.php, gameSpy2.php, gore.php, gsvari.php, halo.php,...

7.5CVSS4.6AI score0.07416EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

OpenSSL DTLS Retransmission Denial of Service - Ver2 (CVE-2013-6450)

A denial-of-service vulnerability has been reported in OpenSSL Project OpenSSL. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5.8CVSS4.7AI score0.14542EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

AltN WebAdmin USER Buffer Overflow - Ver2 (CVE-2003-0471)

A buffer overflow vulnerability has been reported in Alt-N Webadmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS7.6AI score0.60953EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

Firefox wyciwyg Cache Manipulation Flaw Information Disclosure - Ver2 (CVE-2007-3656)

An information disclosure vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

6.8CVSS2AI score0.01966EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

SIP Display Field CrossSite Scripting - Ver2 (CVE-2007-2191)

A cross-site scripting vulnerability has been reported in Freepbx. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

6.8CVSS4.5AI score0.04456EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Mozilla Firefox documentwrite Buffer Overflow - Ver2 (CVE-2010-3179)

A buffer overflow vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS4.7AI score0.10118EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

Mozilla Firefox Javascript Engine Code Execution - Ver2 (CVE-2006-3806)

A code execution vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.9AI score0.05359EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

MediaDescriptiondispvalue DoS - Ver2 (CVE-2006-3897)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS3.9AI score0.26629EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•12 views

Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)

Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...

9.3CVSS4.6AI score0.37762EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

SAP GUI TabOne ActiveX Control Caption List Buffer Overflow - Ver2 (CVE-2008-4827)

The SAP GUI is the GUI client in SAP's 3-tier architecture of database, application server and client. The SAP GUI family is available for Windows, Java, and HTML/Internet Transaction Server ITS environment. There exists a buffer overflow vulnerability in the SAP GUI. Remote attackers can exploit...

9.3CVSS7.8AI score0.06714EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Internet Explorer WMF CreateBrushIndirect DoS - Ver2 (CVE-2006-4071)

A denial-of-service vulnerability has been reported in Microsoft Windows XP and Microsoft Windows Server 2003. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

2.6CVSS3.9AI score0.23995EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•19 views

BEA WebLogic SSL Handling Denial of Service weblogic attack - Ver2 (CVE-2004-2424)

A denial-of-service vulnerability has been reported in BEA Systems WebLogic Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS4.2AI score0.01752EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Android 26 Kernel Level SD card Write Denial of Service - Ver2 (CVE-2013-1773)

A denial-of-service vulnerability has been reported in Linux kernel before version 3.3. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.2CVSS6AI score0.01039EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•17 views

Internet Explorer OnLoad Event Memory Corruption (MS11-081) - Ver2 (CVE-2011-1997)

A memory corruption vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way IE accesses objects that have been deleted. A remote attacker may exploit this vulnerability by enticing a user to open a malicious web-page. Successful exploitation may cause...

9.3CVSS7.4AI score0.14476EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•17 views

Microsoft Fax Cover Page Editor Buffer Overflow - Ver2 (CVE-2010-4701)

A heap buffer overflow vulnerability has been discovered in Microsoft Windows Fax Services. The Windows Fax Service is a component that allows a Windows system to act as a Fax server. One of the tools within this fax suite is the Fax Console, which allows a user to monitor the sending and receivi...

7.6CVSS7.5AI score0.47832EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•12 views

Apache HTTP Server mod_dav MERGE Request Denial of Service - Ver2 (CVE-2013-1896)

A denial of service vulnerability has been reported in the moddav component of Apache HTTP Server. The vulnerability is due to a NULL pointer dereference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker can send a crafted HTTP...

4.3CVSS1.3AI score0.29484EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Windows Explorer (explorer.exe) AVI Right Click Denial of Service - Ver2 (CVE-2007-0562)

A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

4.3CVSS3.5AI score0.13031EPSS
Exploits0
Total number of security vulnerabilities13538