Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•29 views

Microsoft Office Excel SerAuxTrend Record Remote Code Execution (MS11-045) - Ver2 (CVE-2011-1274)

This is a remote code execution vulnerability. When Microsoft Excel validates record information upon opening a specially crafted Excel file, a memory handling error may corrupt system memory in such a way that an attacker could execute arbitrary code. Successful exploitation of this vulnerabilit...

9.3CVSS7.3AI score0.1332EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•21 views

Internet Explorer ActiveX Navigate Handling Code Execution (MS08-073) - Ver2 (CVE-2008-4258)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in Internet Explorer that fails to properly validate parameters made during a method call in the...

8.5CVSS7.1AI score0.17841EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•26 views

Microsoft Office Property Memory Corruption - Ver2 (CVE-2006-2389)

A memory corruption vulnerability has been reported in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.5AI score0.38839EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•26 views

Microsoft Visual Basic FlexGrid ActiveX Control Rows Parameter Memory Corruption - Ver2 (CVE-2008-4254)

A memory corruption vulnerability has been reported in Microsoft Visual Basic. An attacker could exploit this vulnerability crafted Rows and Cols properties to the ExpandAll and CollapseAll methods, related to access of incorrectly initialized objects and corruption of the system state. Successfu...

7.2AI score0.2206EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•12 views

Microsoft Excel Merge Cell Record Pointer Code Execution (MS10-080) - Ver2 (CVE-2010-3237)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

9.3CVSS6.7AI score0.21413EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•12 views

Ultra Crypto Component AcquireContext Buffer Overflow - Ver2 (CVE-2007-4903)

A buffer overflow vulnerability has been reported in Ultra Crypto Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.7AI score0.09389EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•54 views

Mozilla Firefox JIT escape Function Memory Corruption - Ver2 (CVE-2009-2477)

Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, and various graphic formats, and so on. The browser runs on Windows,...

9.3CVSS9.4AI score0.42689EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•9 views

Internet Explorer HTML Object use after free Memory Corruption (MS10-090) - Ver2 (CVE-2010-3340)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has not been initialized or has been deleted. To trigger this...

9.3CVSS7.3AI score0.25317EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Microsoft Excel SXLI Record Memory Corruption (MS12-030) - Ver2 (CVE-2012-0184)

A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to an error in the way Microsoft Excel handles memory when opening specially crafted Excel files. A remote attacker can exploit this issue by enticing a target user to open a specially crafted Exc...

9.3CVSS7AI score0.24221EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•13 views

Internet Explorer Cross Domain Document Switching (MS09-019) - Ver2 (CVE-2007-3091)

Microsoft Internet Explorer is the most widely used Internet browser. An information disclosure vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to a script that can create a race condition that could break the same-origin policy of Internet Explorer and re...

7.1CVSS5.5AI score0.27748EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•19 views

Microsoft PowerPoint Techno-color Time Bandit Code Execution - Ver2 (CVE-2011-0655)

A code execution vulnerability has been reported in Microsoft PowerPoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.22593EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•7 views

Apache Tomcat Parameter Hash Collision Denial of Service - Ver2 (CVE-2011-4858)

A denial-of-service vulnerability has been reported in Apache Software Foundation Tomcat. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

5CVSS5.2AI score0.80318EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•5 views

Microsoft Office Publisher pubconv.dll Size Value Heap Corruption (MS10-103) - Ver2 (CVE-2010-2569)

Microsoft Publisher is a desktop publishing application for creating marketing materials, managing customer lists and more. The vulnerability is due to an error in pubconv.dll, Publisher Converter DLL that is used to open Publisher files created in versions earlier than Microsoft Publisher 2007. ...

9.3CVSS2.1AI score0.21001EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•5 views

Mozilla Browsers JavaScript Navigator Object Memory Corruption - Ver2 (CVE-2006-3677)

Mozilla Firefox and Seamonkey are very popular open source web browsers from Mozilla Foundation, based on the Mozilla Suite code base. The browser is an application designed for tasks related to web browsing, such as displaying HTML pages, downloading files, rendering different media, and so on...

7.5CVSS7.1AI score0.78359EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•56 views

Microsoft Windows Font Library File Buffer Overflow - Ver2 (CVE-2011-2003)

A buffer overflow vulnerability has been reported in Microsoft Windows. The vulnerability is due to an input validation error when the kernel parses a .FON font file. A remote attacker could exploit this issue by enticing a target user to open a specially crafted .FON file...

5.1AI score0.27772EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•29 views

Microsoft Office Excel Record Type Confusion Code Execution - Ver2 (CVE-2011-1273)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to improper parsing of certain records leading to type confusion while handling specially crafted Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execut...

7.3AI score0.16968EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Microsoft Visio DXF File Parsing Code Execution - Ver2 (CVE-2012-1888)

A code execution vulnerability has been reported in Microsoft Office Visio. The vulnerability is due to a boundary error in Microsoft Office Visio when parsing specially crafted DXF files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

7.3AI score0.24151EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•22 views

Internet Explorer Outlook Express Address Book ActiveX Denial of Service - Ver2 (CVE-2005-4840)

A denial-of-service vulnerability has been reported in Microsoft Outlook Express Book Control. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

4.3CVSS6.2AI score0.11615EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•13 views

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080) - Ver2 (CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

9.3CVSS6.8AI score0.21413EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•13 views

Microsoft Office Excel Label Record Buffer Overflow (MS11-021) - Ver2 (CVE-2011-0098)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to a flaw in the parsing of Label record in Excel documents, causing a buffer overflow. Remote attackers can exploit this vulnerability by enticing target users to open a malicious Excel file. In ...

9.3CVSS7.1AI score0.30499EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Microsoft Excel SxView Record Parsing Memory Corruption (MS10-038) - Ver2 (CVE-2010-0821)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

9.3CVSS6.7AI score0.24265EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Sun Java Web Start dnsResolve ActiveX Buffer Overflow - Ver2 (CVE-2007-5019)

A buffer overflow vulnerability has been reported in numerous forms. The vulnerability is due to a boundary error in the Sun Java Web Start ActiveX control that fails to properly handle user supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute...

4AI score0.10465EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•4 views

Nokia PC Suite Video Manager Buffer Overflow - Ver2 (CVE-2012-2442)

A buffer overflow vulnerability has been reported in Nokia Pc Suite. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

6.1AI score0.02746EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•26 views

Microsoft SMB Client Transaction Memory Corruption - Ver2 (CVE-2010-0270)

A memory corruption vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the Microsoft SMB client implementation that fails to properly validate fields in the SMB response. Successful exploitation of this vulnerability could allow a remote attacker to...

10CVSS7.1AI score0.48188EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Microsoft Excel Malformed File Memory Corruption - Ver2 (CVE-2012-1886)

A memory corruption vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Excel while handling specially crafted Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affecte...

7.1AI score0.21769EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•26 views

Microsoft Office Excel Record Parsing Integer Overflow - Ver2 (CVE-2010-3230)

A integer overflow vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an integer overflow parsing in an Excel file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.2AI score0.20486EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•20 views

Microsoft PowerPoint Converter GuideAtom Record Handling Error (MS09-017) - Ver2 (CVE-2009-0225)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A memory corruption vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory corruption error in Microsoft PowerPoint when reading sound data from specially crafted...

9.3CVSS6.9AI score0.3107EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•21 views

Microsoft Office PICT Filter Map Structure Memory Corruption - Ver2 (CVE-2008-3021)

A memory corruption vulnerability has been reported in Microsoft Office. The vulnerability is due to a memory corruption error when a malformed PICT file is opened by any of the affected Microsoft Office applications. Successful exploitation of this vulnerability could allow a remote attacker to...

7.2AI score0.35905EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Altnet Download Manager ActiveX Buffer Overflow - Ver2 (CVE-2007-5217)

A buffer overflow vulnerability has been reported in Altnet Download Manager. An attacker could exploit this vulnerability a long argument to the Install method. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause...

6.8CVSS7.6AI score0.2999EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•23 views

Microsoft Word TextBox Sub-document Memory Corruption - Ver2 (CVE-2007-1910)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to improper validation of a supplied value inside the Main Stream. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.24949EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•33 views

Microsoft Excel SxView Record Memory Pointer Corruption (MS10-038) - Ver2 (CVE-2010-1245)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

9.3CVSS6.8AI score0.22356EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

Microsoft Word UPX Data Stack Validation Buffer Overflow - Ver2 (CVE-2010-3214)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in Microsoft Word that fails to properly validate UPX structures within specially crafted Word files. Successful exploitation of this vulnerability could allow a remote attacker to...

7.1AI score0.24787EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•24 views

PoPToP PPTP Negative Read Overflow Buffer Overflow - Ver2 (CVE-2003-0213)

A buffer overflow vulnerability has been reported in Poptop Pptp Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.5AI score0.71026EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•83 views

Trend Micro objRemoveCtrl ActiveX Control Multiple Buffer Overflows - Ver2 (CVE-2008-3364)

Trend Micro OfficeScan is a centralized virus and security scan management system. A buffer overflow vulnerability has been reported in Trend Micro OfficeScan. The vulnerability is due to a boundary error in the OfficeScan ActiveX control objRemoveCtrl. To trigger this issue, an attacker may crea...

9.3CVSS7.2AI score0.32811EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•15 views

Microsoft Excel SST Invalid Length Use After Free - Ver2 (CVE-2012-1887)

A use-after-free vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Excel while handling specially crafted Excel files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.1AI score0.25099EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•30 views

Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow - Ver2 (CVE-2012-0667)

A buffer overflow vulnerability has been reported in Apple QuickTime. The vulnerability is due to a signedness error when processing a specially crafted QTVR string. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cau...

7.5AI score0.03442EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•13 views

Microsoft Excel Buffer Overrun in ToolbarDef Buffer Overflow - Ver2 (CVE-2011-0097)

A buffer overflow vulnerability has been reported in Microsoft Excel. An attacker could exploit this vulnerability a crafted 400h substream in an Excel file, which triggers a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute...

7.4AI score0.38221EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•14 views

Microsoft Office Excel Index Parsing Pointer Corruption Code Execution - Ver2 (CVE-2009-3132)

A code execution vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitra...

7.3AI score0.25883EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•10 views

Apple Quicktime for Windows QTPlugin.ocx ActiveX Control Set Buffer Overflow - Ver2 (CVE-2008-0778)

A buffer overflow vulnerability has been reported in Apple Quicktime. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.7AI score0.09214EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•13 views

Microsoft WordPad Converter sprm Record Parsing Code Execution - Ver2 (CVE-2011-0028)

A code execution vulnerability has been reported in Microsoft WordPad. The vulnerability is due to an error in the WordPad converter that fails to correctly parse the sprmTTextFlow and the sprmTSplit fields in a Word document. Successful exploitation of this vulnerability could allow a remote...

7.4AI score0.23596EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/16 12:0 a.m.•77 views

Microsoft Windows Assembly Execution File Inclusion - Ver2 (CVE-2012-0013)

A file inclusion vulnerability has been reported in Microsoft Office. The vulnerability is due to ClickOnce application file types not being included in the Windows Packager unsafe file type list. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary cod...

7AI score0.73753EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2014/04/13 12:0 a.m.•8 views

Digium Asterisk Cookie Stack Overflow (CVE-2014-2286)

A stack-overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to insufficient validation of Cookie: headers in HTTP requests sent to the HTTP management interface. A remote attacker can exploit this vulnerability to cause a denial-of-service condition...

4.1AI score0.1639EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/13 12:0 a.m.•4 views

Adobe Flash Player Cross-Site Scripting (APSB14-09: CVE-2014-0509)

A cross-site scripting vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in the way the browser and the plug-in handle specially crafted URLs. A remote attacker can exploit this vulnerability by enticing an affected user to open a malicious web-page...

4.3CVSS5.6AI score0.02808EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/13 12:0 a.m.•65 views

Microsoft Internet Explorer CSS Table Handling Memory Corruption (MS10-090; CVE-2010-3962)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7AI score0.96889EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2014/04/13 12:0 a.m.•7 views

Digium Asterisk File Descriptor Denial of Service (CVE-2014-2287)

A denial of service vulnerability has been reported in Digium Asterisk. The vulnerability is due to file descriptor exhaustion from a large number of crafted SIP INVITE requests. A remote attacker can exploit this vulnerability to cause a denial of service condition...

3.5CVSS7AI score0.02464EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/13 12:0 a.m.•25 views

Symantec LiveUpdate Administrator Security Bypass (CVE-2014-1644)

A security policy bypass vulnerability exists in Symantec LiveUpdate Administrator. The vulnerability is due to a failure to validate temporary passwords when processing a user account password reset. A remote unauthenticated attacker could exploit this vulnerability by sending a malicious reques...

7.5CVSS6.6AI score0.02639EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/12 12:0 a.m.•0 views

OpenSSL TLS DTLS Overly-long Heartbeat Response Information Disclosure

An information disclosure vulnerability exists in OpenSSL. The vulnerability is due to an error when handling TLS/DTLS heartbeat packets. An attacker can leverage this vulnerability to disclose memory contents of a connected client or server...

1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/12 12:0 a.m.•2 views

TLS and DTLS Heartbeat Extension

The Heartbeat Extension allows keep-alive functionality for TLS/DTLS protocols. Heartbeat consists of two message types, HeartbeatRequest and HeartbeatResponse...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/04/10 12:0 a.m.•2 views

McAfee Asset Manager downloadReport Information Disclosure (CVE-2014-2588)

An information disclosure vulnerability has been reported in McAfee Asset Manager. The vulnerability is due to insufficient input validation. A remote authenticated attacker can exploit this vulnerability to download arbitrary files from the server...

4CVSS3.4AI score0.07322EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/04/10 12:0 a.m.•10 views

Oracle Internet Directory Pre-Authentication LDAP Denial of Service (CVE-2008-2595)

There exists a denial of service vulnerability in the Oracle Internet Directory. The vulnerability is due to a NULL pointer dereference error when processing LDAP requests. Remote unauthenticated attackers could exploit this vulnerability by sending a crafted LDAP request to create a denial of...

4.4AI score0.11336EPSS
Exploits6
Total number of security vulnerabilities13538