Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Microsoft Scripting Runtime Object Library Use-After-Free Code Execution (MS13-099) - Ver2 (CVE-2013-5056)

A remote code execution vulnerability has been reported in the Microsoft Scripting Runtime Object Library. The vulnerability is caused due to an error in the way Microsoft Scripting Runtime Object Library handles objects in memory. A remote attacker can exploit this issue by enticing a user to op...

9.3CVSS6.7AI score0.20353EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•17 views

Microsoft Fax Cover Page Editor Buffer Overflow - Ver2 (CVE-2010-4701)

A heap buffer overflow vulnerability has been discovered in Microsoft Windows Fax Services. The Windows Fax Service is a component that allows a Windows system to act as a Fax server. One of the tools within this fax suite is the Fax Console, which allows a user to monitor the sending and receivi...

7.6CVSS7.5AI score0.47832EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•12 views

Apache HTTP Server mod_dav MERGE Request Denial of Service - Ver2 (CVE-2013-1896)

A denial of service vulnerability has been reported in the moddav component of Apache HTTP Server. The vulnerability is due to a NULL pointer dereference when processing a MERGE request with a URI whose source href points to a non-DAV configured URI. A remote attacker can send a crafted HTTP...

4.3CVSS1.3AI score0.29484EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Microsoft Active Directory LDAP Modify Request Buffer Overflow (MS07-039) - Ver2 (CVE-2007-0040)

Lightweight Directory Access Protocol LDAP is Internet standard protocol designed for querying and modifying directory services. Multiple vulnerabilities have been reported in Microsoft Windows Active Directory. The flaws are in the way the Active Directory handles LDAP requests. The...

10CVSS7.5AI score0.3917EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Windows Explorer (explorer.exe) AVI Right Click Denial of Service - Ver2 (CVE-2007-0562)

A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

4.3CVSS3.5AI score0.13031EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Microsoft Excel Obj BIFF Record Boundary Access (MS11-045) - Ver2 (CVE-2011-1272)

Microsoft Excel is a popular spreadsheet application. A vulnerability has been identified in Microsoft Excel. A remote attacker could exploit this issue via a malformed Excel file. A remote code execution vulnerability exists in the way that Microsoft Excel handles specially crafted Excel files. ...

9.3CVSS6.9AI score0.17592EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

OpenSSL TLS Connection Record Handling Denial of Service - Ver2 (CVE-2010-0740)

OpenSSL is an open-source library that implements Secure Sockets Layer SSL and Transport Layer Security TLS protocol functionality. A remote attacker may exploit this vulnerability to create a denial of service condition. The vulnerability is due to an error in the OpenSSL ssl3getrecord function...

5CVSS2.4AI score0.2035EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

Chicken of the VNC Hostname Size Denial of Service - Ver2 (CVE-2007-0756)

A denial-of-service vulnerability has been reported in Chicken Of The Vnc Chicken Of The Vnc. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS3.8AI score0.04289EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Symantec Workspace Streaming XML-RPC Arbitrary File Upload - Ver2 (CVE-2014-1649)

An arbitrary file upload vulnerability has been reported in Symantec Workspace. The vulnerability is due to lack of access control validation in the functionality used to process XMLRPC requests. A remote unauthenticated attacker could exploit this vulnerability by a sending specially crafted...

7.9CVSS4.2AI score0.42312EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Internet Explorer RDSDataControlURL DoS - Ver2 (CVE-2006-3510)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

2.6CVSS4.2AI score0.14753EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•12 views

Microsoft Office Art Drawing Records Code Execution (MS10-087) - Ver2 (CVE-2010-3334)

Microsoft Office is an office suite of inter-related desktop applications, servers and services for the Microsoft Windows and Mac OS X operating systems. A remote attacker could exploit this issue via a malformed Office file. Successful exploitation of this vulnerability may allow execution of...

9.3CVSS6.6AI score0.25459EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

LCDProc test_func_func Format String Code Execution - Ver2 (CVE-2004-1917)

A code execution vulnerability has been reported in Lcdproc. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.2AI score0.0406EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

Apache 2 mod_ssl Connection Abort Denial of Service possible attack - Ver2 (CVE-2004-0748)

A denial-of-service vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS2.7AI score0.22307EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

Novell eDirectory evtFilteredMonitorEventsRequest Invalid free Code Execution - Ver2 (CVE-2006-4510)

A code execution vulnerability has been reported in Novell eDirectory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS7.5AI score0.06477EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Internet Explorer XML Object Type Validation Code Execution - Ver2 (CVE-2003-0809)

A code execution vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.4AI score0.2667EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•26 views

Microsoft DNS Server RPC Management Interface Buffer Overflow (MS07-029) - Ver2 (CVE-2007-1748)

The DNS server service is a component that provides name resolution services to a network.A buffer overflow vulnerability has been reported in the Microsoft Windows Domain Name System DNS Server services.An attacker may exploit this vulnerability to execute arbitrary code on a target system via a...

10CVSS4.9AI score0.79128EPSS
Exploits17
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference - Ver2 (CVE-2009-0846)

MIT Kerberos V5 is an implementation of the Kerberos protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. The MIT Kerberos V5 server utilizes the encrypted SUN-RPC protocol to communicate with its remote...

10CVSS3.4AI score0.08898EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•15 views

Microsoft Graphics Component Memory Corruption (MS14-007) - Ver2 (CVE-2014-0263)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted GIF files. A remote attacker can exploit this issue by enticing a user to view GIF files in shared content. Successful exploitatio...

9.3CVSS7.2AI score0.18885EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

Internet Explorer Event Handling Memory Corruption (MS10-071) - Ver2 (CVE-2010-3326)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this issue, an attacker may create a malicious web page that will...

9.3CVSS7.2AI score0.25317EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

HP Data Protector Opcode 45 and 46 Code Execution - Ver2 (CVE-2013-2348)

Multiple vulnerabilities have been reported in HP Data Protector. Both vulnerabilities are due to insufficient input validation on a string supplied with a message containing opcodes 45 or 46. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...

10CVSS7.2AI score0.10436EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Internet Explorer Center Element Remote Code Execution (MS12-037) - Ver2 (CVE-2012-1523)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a...

9.3CVSS7.6AI score0.22475EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

Microsoft WINS Service Memory Overwrite Buffer Overflow - Ver2 (CVE-2004-0567)

A buffer overflow vulnerability has been reported in Microsoft Windows Server 2003, Microsoft Windows 2000 and Microsoft Windows NT. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS7.5AI score0.72286EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Microsoft Windows Secure Sockets Layer Version 3.0 - Ver2 (CVE-2004-0120)

Secure Socket Layer SSL is a cryptographic protocol that provides security and data integrity for communications over TCP/IP networks. The protocol is considered obsolete and insecure. This protection can detect and prevent connections attempting to use this protocol. In particular, this protecti...

5CVSS2.9AI score0.55583EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

MostGear Soft EasyLan Folder Share 320100 Activation Denial of Service - Ver2 (CVE-2013-6079)

A denial-of-service vulnerability has been reported in Mostgear Easy Lan Folder Share. An attacker could exploit this vulnerability via a long string in the registration code field in the activate license window or the HKLMSOFTWAREMostGearEasyLanFolderShareV1License registry key. Successful...

7.2CVSS4.8AI score0.0127EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•16 views

Microsoft Windows WebDav Mini-Redirector Heap Buffer Overflow (MS08-007) - Ver2 (CVE-2008-0080)

Web Distributed Authoring and Versioning WebDAV is a set of extensions for HTTP that allows allow clients to publish, lock, and manage resources on the Web. . The vulnerability is due to an error in the Microsoft Windows WebDAV Mini-Redirector that fails to properly handle malformed WebDAV...

10CVSS6.2AI score0.40569EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

Microsoft SChannel TLSv1 Denial of Service (MS10-085) - Ver2 (CVE-2010-3229)

The Secure Channel SChannel security package is a Security Support Provider SSP that implements the Secure Sockets Layer SSL and Transport Layer Security TLS Internet standard authentication protocols. SChannel is part of the security package that helps provide an authentication service to provid...

7.1CVSS1.1AI score0.50886EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

Novell Groupwise Addressbook Integer Overflow - Ver2 (CVE-2012-0418)

A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...

9.3CVSS4.1AI score0.03753EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•13 views

Microsoft PowerPoint Converter TPrint Record Handling Error (MS09-017) - Ver2 (CVE-2009-0227)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A stack buffer overrun vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafte...

9.3CVSS7AI score0.35721EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•7 views

Joomla Component com_webring Remote File Inclusion - Ver2 (CVE-2006-4129)

A file inclusion vulnerability has been reported in Joomla Webring Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.8AI score0.03282EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Siemens Gigaset SE361 WLAN Remote Reboot Exploit Denial of Service - Ver2 (CVE-2009-3322)

A denial-of-service vulnerability has been reported in Siemens Gigaset SE361 WLAN router. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS5.1AI score0.03481EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Wireshark LWRES Dissector getaddrsbyname Buffer Overflow - Ver2 (CVE-2010-0304)

A buffer overflow vulnerability has been reported in Wireshark. The vulnerability is due to insufficient boundary checking in the getaddrsbyname method. A remote attacker may exploit this vulnerability by sending an overly long string parameter to this method. Successful exploitation would allow...

7.5CVSS5.6AI score0.73666EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

7.5CVSS2.3AI score0.67525EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

Dell OpenManage Web Server Buffer Overflow - Ver2 (CVE-2004-0331)

A buffer overflow vulnerability exist in Dell's OpenManage Web Server. The vulnerability is due to an boundary error when handling application parameter. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server...

5CVSS3.2AI score0.1583EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)

UltraVNC is an open source client/server remote control application which uses the Virtual Network Computing VNC protocol. The VNC protocol allows a user to control a remote host by sending mouse and keyboard events, and receiving screen and sound updates. UltraVNC offers several extra features a...

9CVSS7.3AI score0.67398EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

Apple Computer Finder DMG Volume Name Memory Corruption - Ver2 (CVE-2007-0197)

Apple Computer Mac OS X is the operating system bundled with Apple Macintosh computers. The graphical user interface shell of Mac OS X, Finder, allows for graphical browsing of the system. The Finder is also responsible for user-management of files, disks, network volumes and the launching of oth...

6.8CVSS1.7AI score0.0807EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Multiple Products Directory Server LDAP Buffer Overflows - Ver2 (CVE-2006-0717)

An error was found in the way several LDAP servers from several vendors handle malformed LDAP requests. This can be exploited to crash the service via a specially-crafted request sent to the LDAP server port...

5CVSS6.2AI score0.09436EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Malware evasion Security Bypass - Ver2 (CVE-2012-1427)

A security bypass vulnerability has been reported in Cat Quick HealCat Quick Heal. An attacker could exploit this vulnerability via a POSIX TAR file with a 57696E5A6970 character sequence at a certain location. Successful exploitation of this vulnerability would allow remote attackers to bypass...

4.3CVSS3.9AI score0.87754EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•16 views

Microsoft Web Services on Devices API Memory Corruption (MS09-063) - Ver2 (CVE-2009-2512)

The WSDAPI is an implementation of the Devices Profile for Web Services DPWS for Windows Vista and Windows Server 2008. The DPWS constrains Web Services specifications so that clients can easily discover devices. A remote code execution vulnerability has been reported in the Web Service on Device...

9.3CVSS3.5AI score0.31215EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Mozilla Firefox Design Mode Deleted Style Reference Memory Corruption - Ver2 (CVE-2007-3734)

A memory corruption vulnerability has been reported in Mozilla Firefox and Mozilla Thunderbird. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS4.3AI score0.02224EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

RealNetworks HELIX Server Denial of Service - Ver2 (CVE-2004-0389)

A denial-of-service vulnerability has been reported in Realnetworks Helix Universal Server. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS5AI score0.52489EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Pegasus Imaging ImagXpress ActiveX File Directory Traversal - Ver2 (CVE-2007-5320)

A directory traversal vulnerability has been reported in Pegasus Imaging Imagxpress. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the affected system...

4CVSS5.6AI score0.06507EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•18 views

CA ARCserve D2D GWT RPC Request Credentials Disclosure - Ver2 (CVE-2011-3011)

A credentials disclosure vulnerability has been reported in CA ARCserve D2D. The vulnerability is due to an error while processing Google Web Toolkit GWT RPC requests. A remote attacker can exploit this vulnerability by sending a specially crafted RPC request to an affected server. Successful...

5CVSS6.6AI score0.71631EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

Dell OpenManage Web Server Buffer Overflow - Ver2 (CVE-2004-0331)

A buffer overflow vulnerability exist in Dell's OpenManage Web Server. The vulnerability is due to an boundary error when handling application parameter. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server...

5CVSS3.2AI score0.1583EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Microsoft Office Project Memory Validation Remote Code Execution (MS09-074) - Ver2 (CVE-2009-0102)

Microsoft Project is a project management software program designed to assist project managers to stay informed, keep project teams aligned, increase productivity and control project work, schedules, and finances. A remote code execution vulnerability has been identified in the way Microsoft...

9.3CVSS2.1AI score0.23504EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

Joomla Component com_webring Remote File Inclusion - Ver2 (CVE-2006-4129)

A file inclusion vulnerability has been reported in Joomla Webring Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.8AI score0.03282EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•20 views

CVS Max-dotdot Protocol Command Integer Overflow - Ver2 (CVE-2004-0417)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

5CVSS1.8AI score0.03069EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)

UltraVNC is an open source client/server remote control application which uses the Virtual Network Computing VNC protocol. The VNC protocol allows a user to control a remote host by sending mouse and keyboard events, and receiving screen and sound updates. UltraVNC offers several extra features a...

9CVSS7.3AI score0.67398EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

CVS Entry Line Flag Remote Heap Overflow - Ver2 (CVE-2004-0396)

Concurrent Versions System CVS is an open-source network-transparent version control system. CVS itself does not listen for, or accept network connections. To implement remote repository access, it can be installed as an inetd service, or invoked with the rsh/ssh command. Data between the server...

7.5CVSS2.3AI score0.67525EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•9 views

Microsoft Graphics Device Interface Integer Overflow - Ver2 (CVE-2013-3940)

An integer overflow vulnerability has been reported in the way that the Windows Graphics Device Interface GDI processes specially crafted image files. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted Windows Write file. Successful exploitation of this...

9.3CVSS5.5AI score0.34452EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•18 views

Apache HTTP Server mod_deflate Denial of Service - Ver2 (CVE-2014-0118)

A denial of service vulnerability exists in Apache HTTP server. The vulnerability exists in the moddeflate module and is due to a resource exhaustion that is related to request body decompression configuration. A remote, unauthenticated attacker can leverage this vulnerability by sending a...

4.3CVSS1.7AI score0.37156EPSS
Exploits0
Total number of security vulnerabilities13538