Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/05/01 12:0 a.m.•3 views

g01pack Exploit Kit Remote Code Execution

g01pack exploit kit is a web exploit kit that operates by delivering malicious payload to the victim's computer. Remote attackers can infect users with g01pack exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to download additional malware t...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/05/01 12:0 a.m.•12 views

Sophos Web Appliance SophosConfig Write Command Execution (CVE-2014-2850)

A command execution vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to an error in the sanitization function. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a request...

8.5CVSS6.4AI score0.57847EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/30 12:0 a.m.•10 views

Mozilla Firefox generateCRMFRequest Remote Code Execution (CVE-2012-3993; CVE-2013-1710)

A remote code execution vulnerability has been reported in Mozilla Firefox. The Chrome Object Wrapper COW implementation does not properly interact with failures of InstallTrigger methods. By exploiting this, remote attacker could execute arbitrary JavaScript code with chrome privileges via a...

4.4AI score0.42609EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2014/04/30 12:0 a.m.•1 views

TLS Invalid Cipher Suites Denial of Service

A denial of service vulnerability has been reported in servers using TLS protocol. The vulnerability is due to the server's inability to handle Invalid TLS cipher suites. Remote attackers can exploit this issue by sending specially crafted cipher suites to an affected server...

3.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/30 12:0 a.m.•2 views

Adobe Flash Player Buffer Overflow Arbitrary Code Execution (CVE-2014-0515)

An arbitrary code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a buffer overflow while handling specially crafted SWF files. A remote attacker can exploit this vulnerability to execute arbitrary files on the victim's computer...

4.1AI score0.94569EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/04/30 12:0 a.m.•11 views

Sophos Web Appliance change_password Admin Password Privilege Escalation (CVE-2014-2849)

A privilege escalation vulnerability has been reported in Sophos Web Appliance. The vulnerability is due to errors in a changepassword request when handling user input. A remote authenticated attacker could exploit this vulnerability by placing specially crafted data in a changepassword request...

8.5CVSS4.6AI score0.61192EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/28 12:0 a.m.•12 views

Vortex Media Group Light Alloy M3U File Handling Buffer Overflow (CVE-2013-6874)

A stack buffer overflow vulnerability has been reported in Light Alloy media player. The vulnerability is due to a lack of boundary check when handling M3U files. Successful exploitation could allow arbitrary code execution in the context of the target user...

9.3CVSS7.6AI score0.06047EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/28 12:0 a.m.•5 views

McAfee Asset Manager ReportsAudit.jsp Input Validation Error (CVE-2014-2587)

An input validation error vulnerability has been reported in McAfee Asset Manager. The vulnerability is due to insufficient input validation on the "user" parameter of "ReportsAudit.jsp". A remote authenticated attacker can exploit this vulnerability to execute SQL commands on the underlying...

6.5CVSS3.3AI score0.03142EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/27 12:0 a.m.•8 views

Novell ZENworks Configuration Management PreBoot Directory Traversal (CVE-2013-3706)

A directory traversal vulnerability has been reported in Novell ZENworks Configuration Manager. The vulnerability is due to the preboot service which supports an opcode that allows files to be downloaded through directory traversal. A remote attacker can exploit this vulnerability to disclose the...

5CVSS6.4AI score0.07615EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/27 12:0 a.m.•7 views

Microsoft Internet Explorer Remote Code Execution (CVE-2014-1776)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. A remote attacker can exploit this vulnerability by enticing users t...

10CVSS5.1AI score0.88013EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/25 12:0 a.m.•32 views

Apache Struts ParametersInterceptor ClassLoader Security Bypass (CVE-2014-0094; CVE-2014-0112; CVE-2014-0113; CVE-2014-0114)

A security bypass vulnerability exists in Apache Struts. The vulnerability is due to inadequate validation of data processed by ParametersInterceptor allowing for manipulation of the ClassLoader. A remote attacker could exploit this vulnerability by providing a class parameter in a request...

7.5CVSS3.8AI score0.99614EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/04/24 12:0 a.m.•27 views

Microsoft Windows File Handling Component Remote Code Execution (MS14-019; CVE-2014-0315)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is caused by Windows improperly restricting the path used for processing .bat and .cmd files. A remote attacker could trigger this flaw by placing a malicious executable in the working directory e.g. a...

6.9CVSS7.1AI score0.14736EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•1 views

Microsoft Windows ME Operating System

Windows ME is an older version of Microsoft Windows. Microsoft ended the support for Windows ME operating system on July 2006...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•4 views

Microsoft Windows XP Operating System

Windows XP is an older version of Microsoft Windows. Microsoft ended the support for Windows XP operating system on April 8th 2014. As a result computers using the OS might become more vulnerable to security risks and viruses. There are cases in which certain traffic, although not intended for...

6.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•3 views

Microsoft Windows 98 Operating System

Windows 98 is an older version of Microsoft Windows. Microsoft has ended the support for Windows 98 operating system on July 11th 2006. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•4 views

Microsoft Windows 2000 Operating System

Windows 2000 is an older version of Microsoft Windows. Microsoft has ended the support for Windows 2000 operating system on July 13th 2010. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by I...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•5 views

Microsoft Windows NT 4.0 Operating System

Windows NT 4.0 is an older version of Microsoft Windows. Microsoft ended the support for Windows NT 4.0 operating system on 2004. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•4 views

Microsoft Windows 3.11 Operating System

Windows 3.11 is an older version of Microsoft Windows. Microsoft ended the support for Windows 3.11 operating system on December 2001. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/23 12:0 a.m.•2 views

Microsoft Windows 95 Operating System

Windows 95 is an older version of Microsoft Windows. Microsoft ended the support for Windows 95 operating system on December 2001. There are cases in which certain traffic, although not intended for malicious use, is very unsafe, since it may transfer shellcode which is undetectable by IPS...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•2 views

Nokia PC Suite Video Manager Buffer Overflow - Ver2 (CVE-2012-2442)

A buffer overflow vulnerability has been reported in Nokia Pc Suite. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.1AI score0.02746EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•3 views

Internet Explorer vtable Use After Free Memory Corruption - Ver2 (CVE-2013-0021)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...

7.2AI score0.21185EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•3 views

Microsoft Excel Column Record Handling Memory Corruption (MS07-002) - Ver2 (CVE-2007-0030)

Microsoft Excel is a popular spreadsheet application that is usually released as part of the Microsoft Office suite. The application can create complex spreadsheets with multiple workbooks, formulae, and various data sources. The proprietary file format used for storing Microsoft Excel documents ...

9.3CVSS7.4AI score0.32093EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•3 views

Mozilla Browsers JavaScript Navigator Object Memory Corruption - Ver2 (CVE-2006-3677)

Mozilla Firefox and Seamonkey are very popular open source web browsers from Mozilla Foundation, based on the Mozilla Suite code base. The browser is an application designed for tasks related to web browsing, such as displaying HTML pages, downloading files, rendering different media, and so on...

7.5CVSS7.1AI score0.78359EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•7 views

Microsoft Excel File Format OBJECTLINK Record Memory Corruption - Ver2 (CVE-2012-0142)

A memory corruption vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrar...

7.1AI score0.21596EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•4 views

Windows Explorer WMF Unspecified Denial of Service - Ver2 (CVE-2007-1090)

A denial-of-service vulnerability has been reported in Microsoft Windows Explorer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.1AI score0.16388EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•11 views

Microsoft Excel EntExU2 Record Memory Corruption - Ver2 (CVE-2010-0257)

A memory corruption inclusion vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to...

7.1AI score0.18587EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•5 views

Microsoft Word Malformed Data Structures Memory Corruption - Ver2 (CVE-2006-6456)

A memory corruption vulnerability has been reported in Microsoft Office Word. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.2AI score0.31449EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•7 views

Apple Quicktime for Windows QTPlugin.ocx ActiveX Control Set Buffer Overflow - Ver2 (CVE-2008-0778)

A buffer overflow vulnerability has been reported in Apple Quicktime. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.7AI score0.09214EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

Microsoft Visual Basic FlexGrid ActiveX Control Rows Parameter Memory Corruption - Ver2 (CVE-2008-4254)

A memory corruption vulnerability has been reported in Microsoft Visual Basic. An attacker could exploit this vulnerability crafted Rows and Cols properties to the ExpandAll and CollapseAll methods, related to access of incorrectly initialized objects and corruption of the system state. Successfu...

7.2AI score0.2206EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Microsoft Office Excel Graphic Object Dereferencing Code Execution - Ver2 (CVE-2011-0977)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly handle dereferencing data structures when parsing a specially crafted Office file that contains graphic objects. Successful exploitatio...

7.3AI score0.32172EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•10 views

Macromedia Shockwave swdir.dll ActiveX Control Remote Stack Buffer Overflow - Ver2 (CVE-2007-1403)

A buffer overflow vulnerability has been reported in Macromedia Shockwave. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5CVSS7.6AI score0.2922EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•17 views

Microsoft PowerPoint Converter GuideAtom Record Handling Error (MS09-017) - Ver2 (CVE-2009-0225)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A memory corruption vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafted...

9.3CVSS6.9AI score0.3107EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)

Microsoft Word is a document authoring product released by the Microsoft Corporation. A memory corruption vulnerability has been reported in Microsoft Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. A remote attacker could exploit this vulnerabili...

6.8CVSS6.9AI score0.24949EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•18 views

Internet Explorer ActiveX Navigate Handling Code Execution (MS08-073) - Ver2 (CVE-2008-4258)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Internet Explorer that fails to properly validate parameters made during a method call in the...

8.5CVSS7.1AI score0.17841EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•11 views

Microsoft Publisher Out-of-bounds Array Index Code Execution (MS11-091) - Ver2 (CVE-2011-3410)

A remote code execution vulnerability has been reported in Microsoft Publisher. The vulnerability is caused when Microsoft Publisher does not properly handle values in memory while parsing specially crafted Publisher files. A remote attacker may exploit this vulnerability by convincing a user to...

9.3CVSS7.5AI score0.28059EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•25 views

Apple QuickDraw PICT Images ARGB Records Handling Memory Corruption - Ver2 (CVE-2007-0462)

A memory corruption vulnerability has been reported in QuickDraw. The vulnerability is due to improper handling of PICT image files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.06602EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•9 views

PointDev IDEAL Migration and Administration Buffer Overflow - Ver2 (CVE-2009-4265)

A buffer overflow vulnerability has been reported in Pointdev Ideal Administration. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

5.1AI score0.3139EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•7 views

Microsoft PowerPoint Integer Underflow Heap Corruption Code Execution - Ver2 (CVE-2010-2573)

A code execution vulnerability has been reported in Microsoft Office PowerPoint. The vulnerability is due to an integer underflow in Microsoft PowerPoint that fails to properly parse specially crafted PowerPoint file. Successful exploitation of this vulnerability could allow a remote attacker to...

7.3AI score0.20673EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•5 views

Microsoft Office FORMAT Record Code Execution - Ver2 (CVE-2008-3005)

A code execution vulnerability has been reported in Microsoft Office. An attacker could exploit this vulnerability an Excel file with a crafted array index for a FORMAT record. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.3AI score0.31934EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•2 views

Adobe Acrobat authplay.dll Memory Corruption - Ver2 (CVE-2009-1862)

A memory corruption vulnerability has been reported in Adobe Acrobat, Adobe Acrobat Reader and Adobe Flash Player. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.2AI score0.25006EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•16 views

Microsoft Excel Record Parsing Code Execution - Ver2 (CVE-2011-3403)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to improper handling of certain records in Microsoft Excel while parsing malformed Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...

7.4AI score0.20786EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•20 views

Microsoft Excel FNGROUPNAME Record Uninitialized Memory Code Execution - Ver2 (CVE-2010-0262)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitra...

7.3AI score0.21256EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•3 views

SMF Forum smf.php mosConfig_absolute_path Parameter PHP Code Execution - Ver2 (CVE-2006-3773)

A code execution vulnerability has been reported in Mambo Smf-forum. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.05793EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•12 views

Microsoft Excel SERIES Record Parsing Code Execution (MS12-030) - Ver2 (CVE-2012-1847)

A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Exc...

9.3CVSS7AI score0.25099EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•16 views

Novell iPrint Client ActiveX GetPrinterURLList2 Memory Corruption - Ver2 (CVE-2011-4185)

A memory corruption vulnerability has been reported in Novell iPrint Client ActiveX control. The vulnerability is due to improper validation of user-supplied string parameters. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.3AI score0.03451EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•6 views

Macromedia Shockwave SWDIR.SLL ActiveX Denial of Service - Ver2 (CVE-2006-6885)

A denial-of-service vulnerability has been reported in Macromedia Shockwave. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5.4AI score0.07231EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•29 views

Microsoft Excel Version Information Handling Code Execution (MS07-036) - Ver2 (CVE-2008-0081)

Microsoft Excel is a popular spreadsheet application. Multiple vulnerabilities have been identified in Microsoft Excel. A remote attacker could exploit these issues via a malformed Excel file. Successful exploitation of these vulnerabilities may allow execution of arbitrary code on a target syste...

9.3CVSS7.2AI score0.57908EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

ProShow Gold file based Buffer Overflow - Ver2 (CVE-2009-3214)

A buffer overflow vulnerability has been reported in Photodex Proshow Gold. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.6AI score0.30787EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•21 views

Microsoft Outlook AttachMethods Remote Code Execution - Ver2 (CVE-2010-0266)

A code execution inclusion vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fails to properly verify the file extension of an attachment in a specially crafted e-mail message. Successful exploitation of this...

7.3AI score0.55278EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•20 views

Microsoft Word Access Violation Code Execution - Ver2 (CVE-2011-1983)

A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.3AI score0.22724EPSS
Exploits1
Total number of security vulnerabilities13538