Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Wim Fleischhauer Docpile INIT_PATH Parameter PHP Code Execution - Ver2 (CVE-2006-4076)

A code execution vulnerability has been reported in Wim Fleischhauer Docpile. An attacker could exploit this vulnerability via a URL in the INITPATH parameter to lib/access.inc.php, lib/folders.inc.php, lib/init.inc.php or lib/templates.inc.php. Successful exploitation of this vulnerability could...

7.6AI score0.01868EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•10 views

Microsoft Word RTF Stylesheet Control Word Memory Corruption - Ver2 (CVE-2008-4031)

A memory corruption vulnerability has been reported in Microsoft Office Word. The vulnerability is due to an error in Microsoft Word that fails to properly handle malformed Rich Text Format. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on t...

7.2AI score0.2339EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•7 views

Windows URI Handling Arbitrary Code Execution - Ver2 (CVE-2007-5020)

A code execution vulnerability has been reported in Adobe Acrobat and Adobe Acrobat Reader. An attacker could exploit this vulnerability via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. Successful exploitation of this vulnerability could allow a remote...

7.3AI score0.20971EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•12 views

Microsoft Access Snapshot Viewer ActiveX Control Arbitrary File Download - Ver2 (CVE-2008-2463)

Microsoft Snapshot Viewer is an application that allows viewing of snapshots created with any version of Microsoft Access. A remote code execution vulnerability has been discovered in the Snapshot Viewer for Microsoft Access. The vulnerability is due to an error in the Snapshot Viewer ActiveX...

6.8CVSS7.3AI score0.59125EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•13 views

Apple Webkit HTML Parsing Rowspan Denial of Service - Ver2 (CVE-2007-0342)

A denial-of-service vulnerability has been reported in Apple Mac OS X. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

4.3CVSS6.2AI score0.02159EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•7 views

Adobe Reader cooltype.dll Remote Code Execution - Ver2 (CVE-2010-2862)

A code execution vulnerability has been reported in Adobe Reader. The vulnerability is due to the cooltype. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition and execute arbitrary code on the affected system...

6.2AI score0.16305EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•26 views

Microsoft Excel HFPicture Record Stack Overflow (MS10-038) - Ver2 (CVE-2010-1248)

Microsoft Excel is a popular spreadsheet application. A stack overflow vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this flaw by...

9.3CVSS6.9AI score0.27184EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•45 views

Microsoft DirectShow QuickTime Movie Parser Filter Code Execution - Ver2 (CVE-2009-1537)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. The QuickTime Movie Parser filter splits Apple QuickTime data into audio and video streams. The vulnerability is due to the way Microsof...

9.3CVSS6.2AI score0.50926EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•45 views

Internet Explorer JavaScript window() Memory Corruption (MS05-054) - Ver2 (CVE-2005-1790)

Microsoft Internet Explorer is a web browser capable of displaying HTML encoded pages, downloading files, etc. This application has a built-in JavaScript interpreter. It is also capable of using Document Object Model DOM objects, in particular by providing access to them through JavaScript. A...

2.6CVSS7AI score0.83472EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•14 views

Apple Safari for Windows URL Address Spoofing - Ver2 (CVE-2008-1999)

An address spoofing vulnerability has been reported in Apple Safari. Successful exploitation of this vulnerability would allow a remote attacker to spoof the contents of the address of bar on te victims web browser...

5CVSS6.3AI score0.01407EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•12 views

Compface File long declaration Buffer Overflow - Ver2 (CVE-2009-2286)

A buffer overflow vulnerability has been reported in James Ashton Compface. An attacker could exploit this vulnerability by using a long declaration in a .xbm file. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected...

4.3CVSS6.5AI score0.03085EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•7 views

ActiveCampaign 1-2-All Broadcast Email sername Parameter SQL Injection - Ver2 (CVE-2005-3679)

An SQL injection vulnerability has been reported in Activecampaign 1-2-all Broadcast Email. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.3AI score0.01265EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)

A memory corruption vulnerability has been reported in Apple's QuickTime. The vulnerability is due to lack of boundary checks while processing the JPEG atoms embedded in the STSD atom in QuickTime movie files. Successful exploitation of this vulnerability could allow a remote attacker to execute...

7.2AI score0.0772EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

Mozilla Firefox InstallTrigger.install Method Denial of Service - Ver2 (CVE-2006-1790)

A denial-of-service vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.05033EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

Microsoft Windows MSDTC Denial of Service - Ver2 (CVE-2006-1184)

A denial-of-service vulnerability has been reported in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.1AI score0.29721EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Microsoft Outlook MIME Email Message Parsing Remote Code Execution - Ver2 (CVE-2013-3870)

A code execution vulnerability has been reported in Microsoft Outlook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.3AI score0.18642EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Adobe Reader Libtiff TIFFFetchShortPair Stack Buffer Overflow - Ver2 (CVE-2010-0188)

A buffer overflow vulnerability has been reported in the way Adobe Acrobat. The vulnerability is due to a boundary checks error while parsing crafted PDF documents. A remote attacker could exploit this vulnerability by enticing target users to open a malicious PDF document in a vulnerable version...

9.3CVSS7.4AI score0.88246EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

GDI WMF File Rendering Code Execution - Ver2 (CVE-2005-2124)

A code execution vulnerability has been reported in Microsoft GDI. An attacker could exploit this vulnerability via a crafted Windows Metafile WMF format image. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.59625EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•9 views

Squery libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1610)

A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8AI score0.07481EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

OpenSwan and StrongSwan DPD Packet Remote Denial of Service - Ver2 (CVE-2009-0790)

A denial-of-service vulnerability has been reported in OpenswanOpenswan Openswan. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.1AI score0.03205EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•3 views

Mozilla Firefox CSS letter-spacing Heap Overflow - Ver2 (CVE-2006-1730)

A buffer overflow vulnerability has been reported in Mozilla Firefox. The vulnerability is due to an integer overflow leading to an insufficient buffer allocation while rendering the CSS spacing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

7.6AI score0.1034EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Internet Explorer EMF File Rendering Denial of Service - Ver2 (CVE-2005-0803)

A denial-of-service vulnerability has been reported in Microsoft Internet Explorer. An attacker could exploit this vulnerability via a crafted Enhanced Metafile EMF file that causes invalid end, emreof, or palent offsets to be used. Successful exploitation of this vulnerability would allow a remo...

5CVSS6AI score0.70765EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•34 views

Multiple Antivirus Products RAR Parser MZ Character Sequence Security Bypass - Ver2 (CVE-2012-1443)

A security bypass vulnerability has been reported in multiple antivirus products. An attacker could exploit this vulnerability via a RAR file with an initial MZ character sequence. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on...

4.3CVSS6.3AI score0.99636EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•27 views

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

7.5CVSS6.6AI score0.51684EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Microsoft Windows Trojan Client Remote Code Execution - Ver2 (CVE-1999-0660)

A code execution vulnerability has been reported in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•9 views

Oracle Outside In OS2 Metafile Parser Stack Buffer Overflow - Ver2 (CVE-2013-5763)

A code execution vulnerability has been reported in Oracle Outside In. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.0047EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•10 views

Microsoft Office PNG File Parsing Buffer Overflow - - Ver2 (CVE-2013-1331)

A buffer overflow vulnerability has been reported in Microsoft Office. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.81877EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Apple Iphone OS Springboard Application Malformed Character Denial of Service - Ver2 (CVE-2010-1226)

A denial-of-service vulnerability has been reported in Apple Iphone OS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.3AI score0.04995EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•22 views

Apache Win32 DOS Batch File Arbitrary Command Execution - Ver2 (CVE-2002-0061)

A command execution vulnerability has been reported in Apache Software Foundation Apache HTTP Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.2AI score0.50371EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•17 views

Adobe Multiple Products PDF JavaScript Method Buffer Overflow - Ver2 (CVE-2007-5659)

A buffer overflow vulnerability has been reported in multiple Adobe products. The vulnerability is due to insufficient input validation in certain JavaScript methods. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or...

9.3CVSS7.5AI score0.94222EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•14 views

Microsoft Office RTF File listid Use-After-Free - Ver2 (CVE-2012-2528)

A use-after-free vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a memory handling error while parsing specially crafted RTF Rich Text Format files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

7.1AI score0.22117EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•15 views

Novell ZENworks Asset Management File Upload Directory Traversal - Ver2 (CVE-2010-4229)

The vulnerability is triggered when the application processes specially crafted POST request. . A directory traversal vulnerability has been reported in Novell ZENworks Configuration Management. This is a directory traversal vulnerability in Novell ZENworks Configuration Management. The...

10CVSS6.2AI score0.25428EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

WebShag Security Scanner

WebShag is a vulnerability scanning product. Remote attackers can use WebShag to detect vulnerabilities on a target server...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•22 views

Ruby on Rails JSON Processor YAML Deserialization Code Execution - Ver2 (CVE-2013-0333)

A code execution vulnerability has been reported in Ruby on Rails. The vulnerability is due to an input validation error when JSON Processor deserializes YAML. A remote unauthenticated attacker can exploit this vulnerability to execute arbitrary code within the context of the underlying web serve...

7.5CVSS7.8AI score0.98582EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•13 views

Lotus Notes RIM connector for Blackberry Desktop Manager ActiveX Denial of Service - Ver2 (CVE-2009-3038)

A denial-of-service vulnerability has been reported in Ibm Lotus Notes Connector. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.3AI score0.03461EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•14 views

Microsoft Windows ANI file Denial of Service - Ver2 (CVE-2007-1765)

A denial-of-service vulnerability has been reported in Microsoft Windows. An attacker could exploit this vulnerability via a malformed ANI file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7AI score0.54326EPSS
Exploits15
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•7 views

AWStats rawlog Plugin File Information Disclosure - Ver2 (CVE-2005-0435)

An information disclosure vulnerability has been reported in Awstats. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information...

5CVSS6.1AI score0.07365EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

EasyMail Object EMSMTP.DLL ActiveX Control Buffer Overflow - Ver2 (CVE-2007-4607)

A buffer overflow vulnerability has been reported in Quiksoft EasyMail. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.5AI score0.56379EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

Microsoft Paint JPEG Image Parsing Integer Overflow - Ver2 (CVE-2010-0028)

An integer overflow vulnerability has been reported in Microsoft Paint. The vulnerability is due to an integer overflow error when Microsoft Paint fails to properly decode a malformed JPEG image file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary...

5.1AI score0.48452EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

Oracle Java and JavaFX JPEGImageReader Memory Corruption - Ver2 (CVE-2013-2430)

A memory corruption vulnerability has been reported in Oracle Java and JavaFX. The vulnerability is due to improper safeguards against object manipulation. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation o...

7.6CVSS9.2AI score0.05724EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•10 views

Novell Groupwise 8.02 Addressbook Memory Corruption - Ver2 (CVE-2011-4189)

A code execution vulnerability has been reported in Novell GroupWise. The vulnerability is due to a heap buffer overflow while parsing tokens within a specially crafted Novell Address Book .nab file. A remote attacker can exploit this issue by enticing a target user to open a specially crafted .n...

7.5CVSS7.8AI score0.11608EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Microsoft Office Excel SxView Record Memory Corruption - Ver2 (CVE-2009-3128)

A memory corruption vulnerability has been reported in Microsoft Office Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. Successful exploitation of this vulnerability could allow a remote attacker to execute...

7.2AI score0.24879EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•12 views

Microsoft Word RTF Control Word Handling Integer Overflow (MS08-072) - Ver2 (CVE-2008-4025)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

9.3CVSS7.2AI score0.32943EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

IBM WebSphere Application Server Cross-Site Scripting - Ver2 (CVE-2009-0855)

A cross-site scripting vulnerability has been reported in IBM WebSphere Application Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS5.7AI score0.05979EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Adobe Reader and Acrobat TTF MINDEX Code Execution (APSB12-08) - Ver2 (CVE-2012-0774)

A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS9.5AI score0.15654EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•42 views

IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow - Ver2 (CVE-2013-5447)

A buffer overflow vulnerability has been reported in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

7.5AI score0.34035EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•16 views

PHPenpals profile.php personalID Parameter SQL Injection - Ver2 (CVE-2006-0074)

An SQL injection vulnerability has been reported in Jevontech Phpenpals. An attacker could exploit this vulnerability via the personalID parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.02545EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Wim Fleischhauer Docpile URL in INIT_PATH Parameter PHP Code Execution - Ver2 (CVE-2006-4075)

A code execution vulnerability has been reported in Wim Fleischhauer Docpile. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.1CVSS7.6AI score0.16891EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Veritas Backup Exec Server Remote Registry Access Code Execution - Ver2 (CVE-2005-0771)

A code execution vulnerability has been reported in Veritas Backup Exec Server. Successful exploitation of this vulnerability could allow a remote attacker to modify the registry and execute arbitrary methods via RPC on the affected system...

10CVSS5.5AI score0.54155EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•50 views

Microsoft Windows Kernel Input Validation Remote Code Execution - Ver2 (CVE-2009-0081)

A code execution vulnerability has been reported in The Windows kernel. The vulnerability is due to an error in the Windows kernel that fails to properly validate input passed from user mode through the kernel component of GDI. Successful exploitation of this vulnerability could allow a remote...

4.7AI score0.32106EPSS
Exploits0
Total number of security vulnerabilities13538