Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•29 views

InterNetNews Control Message Handling Buffer Overflow - Ver2 (CVE-2004-0045)

The InterNetNews package INN is a complete Usenet system. It includes innd, an NNTP server, and nnrpd, a newsreading server. A vulnerability exists in the NNTP server component of InterNetNews INN, which can be exploited to compromise a vulnerable system. The vulnerability is caused due to a...

7.5CVSS6.7AI score0.08622EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

InduSoft Web Studio Unauthenticated Insecure Remote Operations Code Execution - Ver2 (CVE-2011-4051)

A code execution vulnerability has been reported in the Remote Agent component of InduSoft Web Studio. The vulnerability is due to the absence of authentication for incoming requests to the Remote Agent service. An attacker could exploit this vulnerability by sending crafted requests to the...

10CVSS7.7AI score0.70156EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Microsoft IIS URL Access Violation DoS - Ver2 (CVE-2002-0072)

A denial-of-service vulnerability has been reported in Microsoft IIS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS6.1AI score0.56627EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•7 views

Apple QuickTime PictureViewer GIF Rendering Integer Overflow - Ver2 (CVE-2005-1106)

An integer overflow vulnerability has been reported in Apple QuickTime PictureViewer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5CVSS7.4AI score0.01217EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•2 views

Mozilla Browsers JavaScript Argument Passing Code Execution - Ver2 (CVE-2007-0777)

Mozilla Firefox and Seamonkey are very popular open source web browsers from Mozilla Foundation, based on the Mozilla Suite code base. The browser is an application designed for tasks related to web browsing, such as displaying HTML pages, downloading files, rendering different media, and so on...

9.3CVSS0.1AI score0.07558EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•23 views

Adobe Shockwave Player Chunk Parsing Uninitialized Object Access (APSB12-13) - Ver2 (CVE-2012-2030)

A remote code execution vulnerability has been reported in Adobe Shockwave player. The vulnerability is due to an error in Adobe Shockwave Player while parsing crafted data inside rcsL RIFF chunk in DIR or DCR files. A remote attacker can exploit this issue by enticing a target user to open a...

10CVSS7.3AI score0.06238EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Mozilla Firefox Javascript Engine Code Execution - Ver2 (CVE-2006-3806)

A code execution vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS3.9AI score0.05359EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Wireshark ENTTEC DMX Data Buffer Overflow - Ver2 (CVE-2010-4538)

A buffer overflow vulnerability has been reported in Wireshark. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS5.1AI score0.28983EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

Android 26 Kernel Level SD card Write Denial of Service - Ver2 (CVE-2013-1773)

A denial-of-service vulnerability has been reported in Linux kernel before version 3.3. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.2CVSS6AI score0.01039EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•32 views

Microsoft Windows SSL Library Private Communications Transport Buffer Overflow - Ver2 (CVE-2003-0719)

A buffer overflow vulnerability has been reported in Microsoft Windows SSL Library. The vulnerability is due to the processing of certain messages. A remote attacker can exploit this issue by executing arbitrary code in the context of a local system user when SSL is enabled...

7.5CVSS6.8AI score0.83412EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•4 views

Mozilla Firefox documentwrite Buffer Overflow - Ver2 (CVE-2010-3179)

A buffer overflow vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla SeaMonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

9.3CVSS4.7AI score0.10118EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

Mitsubishi MCWorkX ActiveX Control File Execution Command Execution - Ver2 (CVE-2013-2817)

A command execution vulnerability has been reported in Mitsubishielectric Mc-worx Suite. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9.3CVSS5.4AI score0.0593EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

Microsoft Active Directory LDAP Modify Request Buffer Overflow (MS07-039) - Ver2 (CVE-2007-0040)

Lightweight Directory Access Protocol LDAP is Internet standard protocol designed for querying and modifying directory services. Multiple vulnerabilities have been reported in Microsoft Windows Active Directory. The flaws are in the way the Active Directory handles LDAP requests. The...

10CVSS7.5AI score0.3917EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•24 views

CA ARCserve D2D GWT RPC Request Credentials Disclosure - Ver2 (CVE-2011-3011)

A credentials disclosure vulnerability has been reported in CA ARCserve D2D. The vulnerability is due to an error while processing Google Web Toolkit GWT RPC requests. A remote attacker can exploit this vulnerability by sending a specially crafted RPC request to an affected server. Successful...

5CVSS6.6AI score0.71631EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•3 views

Firefox wyciwyg Cache Manipulation Flaw Information Disclosure - Ver2 (CVE-2007-3656)

An information disclosure vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

6.8CVSS2AI score0.01966EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•7 views

Oracle Java AtomicReferenceArray Sandbox Breach Code Execution - Ver2 (CVE-2012-0507)

A code execution vulnerability has been reported in Oracle Java SE. The vulnerability is due to a design flaw in the implementation of the AtomicReferenceArray class in Java SE. An attacker could exploit this vulnerability by enticing a target user to open a specially crafted Java application...

10CVSS3.7AI score0.98113EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•29 views

Internet Explorer Malformed IFRAME Buffer Overflow (MS04-040) - Ver2 (CVE-2004-1050)

Internet Explorer IE is a popular web browser developed by Microsoft corporation. A buffer overflow vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is in the way Microsoft Internet Explorer parses certain parameters of an IFRAME tag. An attacker can exploit this...

10CVSS7.5AI score0.67061EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•15 views

Apple QuickTime Text Track Descriptors Heap Buffer Overflow - Ver2 (CVE-2012-0664)

A heap buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to improper validation of parameters lengths. A remote attacker can exploit this vulnerability by enticing a victim to open a specially crafted QuickTime Text file with an affected version of...

9.3CVSS3.8AI score0.06125EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•19 views

Microsoft Graphics Component Memory Corruption (MS14-007) - Ver2 (CVE-2014-0263)

A remote code execution vulnerability has been reported in Windows Graphics Component. The vulnerability is due to the way Windows components handle specially crafted GIF files. A remote attacker can exploit this issue by enticing a user to view GIF files in shared content. Successful exploitatio...

9.3CVSS7.2AI score0.18885EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

Php libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1688)

A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter to scripts in the lib directory including ase.php, devi.php, doom3.php, et.php, flashpoint.php, gameSpy.php, gameSpy2.php, gore.php, gsvari.php, halo.php,...

7.5CVSS4.6AI score0.07416EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Apple CUPS cupsdDoSelect Remote Code Execution attack - Ver2 (CVE-2009-3553)

A code execution vulnerability has been reported in Apple Cups. An attacker could exploit this vulnerability via a client disconnection during listing of a large number of print jobs, related to improperly maintaining a reference count. Successful exploitation of this vulnerability could allow a...

5CVSS3.5AI score0.03913EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•17 views

Microsoft Excel SXVI.iCache Validation Memory Corruption (MS10-057) - Ver2 (CVE-2010-2562)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to the way that Microsoft Office Excel parses the Excel file format when opening a specially crafted Excel file. A remote attacker could trigger...

9.3CVSS3.3AI score0.17612EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•7 views

HP Data Protector Opcode 45 and 46 Code Execution - Ver2 (CVE-2013-2348)

Multiple vulnerabilities have been reported in HP Data Protector. Both vulnerabilities are due to insufficient input validation on a string supplied with a message containing opcodes 45 or 46. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...

10CVSS7.2AI score0.10436EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Mac OS X Safari Archive Metadata Command Execution - Ver2 (CVE-2006-0397)

A command execution vulnerability has been reported in Apple Mac OS X and Apple Mac OS X Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.6AI score0.01537EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

Joomla Component com_webring Remote File Inclusion - Ver2 (CVE-2006-4129)

A file inclusion vulnerability has been reported in Joomla Webring Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS4.8AI score0.03282EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Adobe Flash Player OP_inclocal and OP_declocal Memory Corruption (APSB12-22) - Ver2 (CVE-2012-5271)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to memory access without bounds checking while verifying certain opcodes. A remote attacker can exploit this issue by enticing the victim to open a specially crafted SWF file with an affected versi...

10CVSS7AI score0.04727EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•7 views

Microsoft Internet Explorer Object Tag Temporary File Information Disclosure - Ver2 (CVE-2002-1188)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. An attacker could exploit this vulnerability via certain uses of the OBJECT tag, which are not subjected to the proper security checks. Successful exploitation of this vulnerability would allow a remote...

6.4CVSS1.4AI score0.12293EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•16 views

IPSwitch IMAIL LDAP Overflow - Ver2 (CVE-2004-0297)

The LDAP protocol elements are encoded for exchange using ASN.1 Basic Encoding Rules BER. Buffer overflow vulnerabilities exist in the LDAP component of IPSwitch's IMail server. The vulnerable LDAP daemon does not properly validate the content of an LDAP message. The vulnerability allows both DoS...

10CVSS2AI score0.68129EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•6 views

Mozilla Firefox document.write And DOM Insertions Memory Corruption - Ver2 (CVE-2010-3765)

Mozilla Firefox is a web browser developed by Mozilla Foundation. A memory corruption vulnerability has been reported in Mozilla Firefox. The vulnerability is due to a buffer overflow in Mozilla Firefox while executing specially crafted JavaScript call document.write combined with DOM insertions....

9.3CVSS3AI score0.83279EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Internet Explorer history.go Improper Parameter Handling (MS09-014) - Ver2 (CVE-2009-0552)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a memory corruption error in Internet Explorer history.go parameter when attempting to access an object that has not been initialized or has been deleted. To trigger this issue, an...

9.3CVSS7.5AI score0.28588EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•21 views

Microsoft CryptoAPI Object Identifiers Integer Overflow (MS09-056) - Ver2 (CVE-2009-2511)

The CryptoAPI provide services that enable application developers to add encryption/decryption of data, authentication using digital certificates, and encoding to and decoding from Abstract Syntax Notation One ASN.1 to their Windows-based applications. A spoofing vulnerability has been reported i...

7.5CVSS3.9AI score0.12959EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

Multiple PDF products Launch Action Command Code Execution (APSB10-15) - Ver2 (CVE-2010-1240)

Portable Document Format PDF is an open file format created by Adobe Systems. A vulnerability has been discovered in Adobe Reader. The vulnerability is due to an error in the Adobe Reader that fails to restrict the contents of one text field in the Launch File warning dialog, which makes it easie...

9.3CVSS5.4AI score0.73436EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•13 views

Windows Explorer ICO File Format Divide by Zero Denial of Service - Ver2 (CVE-2007-2237)

A denial-of-service vulnerability has been reported in Microsoft Windows XP. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.1CVSS3.9AI score0.15424EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•16 views

Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow - Ver2 (CVE-2013-0003)

A buffer overflow exists in the System.DirectoryServices.Protocols S.DS.P namespace method in the .NET framework. The vulnerability is due to an error in the validation of the size of objects in memory prior to copying them into an array.An attacker can remotely exploit this vulnerability by...

9.3CVSS7.5AI score0.23843EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•11 views

Microsoft Windows Agent ACF File Handling Memory Corruption (MS06-068) - Ver2 (CVE-2006-3445)

A remote code execution vulnerability exists in Microsoft Agent. Microsoft Agent is a software technology that enables an enriched form of user interaction that can make using and learning to use a computer easier and more natural. . The vulnerability is due to a memory corruption error in the...

7.5CVSS7.6AI score0.40143EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•17 views

OpenSSL TLS Heartbeat information disclosure - Ver2 (CVE-2014-0160)

An information disclosure vulnerability has been reported inOpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. Successful exploitation of this vulnerability could allow a remote attacker to disclose memory contents of a connected client or server...

5CVSS1.3AI score0.99999EPSS
Exploits88
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•19 views

Apache HTTP Server mod_deflate Denial of Service - Ver2 (CVE-2014-0118)

A denial of service vulnerability exists in Apache HTTP server. The vulnerability exists in the moddeflate module and is due to a resource exhaustion that is related to request body decompression configuration. A remote, unauthenticated attacker can leverage this vulnerability by sending a...

4.3CVSS1.7AI score0.37156EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

Advantech WebAccess HMI and SCADA Software CrossSite Scripting - Ver2 (CVE-2012-0233)

A cross-site scripting vulnerability has been reported in Advantech Webaccess. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.8AI score0.00989EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•12 views

Microsoft Excel RealTimeData Record Heap Corruption (MS10-038) - Ver2 (CVE-2010-1247)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

9.3CVSS1.3AI score0.22392EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

Procyon Core Server HMI Memory Corruption SCADA Remote Code Execution - Ver2 (CVE-2011-3322)

A remote stack overflow vulnerability has been reported in Procyon Core Server HMI service. The vulnerability is due to a boundary check error. A remote attacker may exploit this issue by sending specially crafted messages to the target server. Successful exploitation could allow an attacker to...

10CVSS3.7AI score0.65312EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

Internet Explorer Center Element Remote Code Execution (MS12-037) - Ver2 (CVE-2012-1523)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object that has been deleted. A remote attacker could trigger this vulnerability by enticing an unsuspecting victim to open a...

9.3CVSS7.6AI score0.22475EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

CA BrightStor ARCserve Backup Tape Engine RPC GetGroupStatus Buffer Overflow attack - Ver2 (CVE-2006-6917)

A buffer overflow vulnerability has been reported in CA BrightStor ARCserve Backup system. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS7.5AI score0.29353EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•5 views

MediaDescriptiondispvalue DoS - Ver2 (CVE-2006-3897)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS3.9AI score0.26629EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•27 views

Microsoft DNS Server RPC Management Interface Buffer Overflow (MS07-029) - Ver2 (CVE-2007-1748)

The DNS server service is a component that provides name resolution services to a network.A buffer overflow vulnerability has been reported in the Microsoft Windows Domain Name System DNS Server services.An attacker may exploit this vulnerability to execute arbitrary code on a target system via a...

10CVSS4.9AI score0.79128EPSS
Exploits17
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•14 views

Internet Explorer Event Handling Memory Corruption (MS10-071) - Ver2 (CVE-2010-3326)

Multiple memory corruption vulnerabilities have been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this issue, an attacker may create a malicious web page that will...

9.3CVSS7.2AI score0.25317EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•10 views

Malware evasion Security Bypass - Ver2 (CVE-2012-1427)

A security bypass vulnerability has been reported in Cat Quick HealCat Quick Heal. An attacker could exploit this vulnerability via a POSIX TAR file with a 57696E5A6970 character sequence at a certain location. Successful exploitation of this vulnerability would allow remote attackers to bypass...

4.3CVSS3.9AI score0.87754EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•8 views

Dell OpenManage Web Server Buffer Overflow - Ver2 (CVE-2004-0331)

A buffer overflow vulnerability exist in Dell's OpenManage Web Server. The vulnerability is due to an boundary error when handling application parameter. An unauthenticated remote attacker could exploit this vulnerability by sending a crafted request to the vulnerable server...

5CVSS3.2AI score0.1583EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•33 views

Microsoft Graphics Rendering Engine Thumbnail Image Stack Buffer Overflow - Ver2 (CVE-2010-3970)

Thumbnails are reduced-size versions of pictures, used to help in recognizing and organizing them, serving the same role for images as a normal text index does for words. A stack buffer overflow vulnerability has been discovered in Microsoft's Graphics Rendering Engine. The vulnerability is due t...

9.3CVSS0.7AI score0.67687EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•27 views

DNS Label Compression Recursion Denial of Service - Ver2 (CVE-2007-1030)

A denial-of-service vulnerability has been reported in Niels Provos Libevent. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS6AI score0.03011EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/12/28 12:0 a.m.•16 views

Facebook Photo Uploader ActiveX Control FileMask Method Buffer Overflow - Ver2 (CVE-2008-0660)

Facebook is a social networking website which allows its users to publish their photos. The website publishes an ActiveX control, ImageUploader4.ocx, to assist photo uploading. A buffer overflow vulnerability exists in the Facebook Photo Uploader ActiveX control. The flaw is due to a boundary err...

9.3CVSS4.6AI score0.37762EPSS
Exploits5
Total number of security vulnerabilities13538