Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

MSSQL 2000MSDE Resolution Buffer Overflow - Ver2 (CVE-2002-0649)

A buffer overflow vulnerability has been reported in Microsoft MSDE and Microsoft SQLServer. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.5CVSS6.5AI score0.8475EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•15 views

Microsoft GDI+ WMF Integer Overflow (MS09-062) - Ver2 (CVE-2009-2500)

The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer.Windows Metafile WMF is a 16-bit metafile image format optimized for the Windows operating system that can contain both vector information and bitmap...

9.3CVSS7.3AI score0.23647EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•11 views

Microsoft Excel NULL Pointer Denial of Service - Ver2 (CVE-2007-1239)

A denial-of-service vulnerability has been reported in Microsoft Excel. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.1AI score0.11611EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•29 views

Nullsoft Winamp RIFF INFO Record Heap Buffer Overflow - Ver2 (CVE-2011-3834)

A buffer overflow vulnerability has been reported in Nullsoft Winamp. The vulnerability is due to a heap buffer overflow while handling a malformed AVI file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.5AI score0.05158EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•21 views

Novell ZENworks Asset Management File Upload Directory Traversal - Ver2 (CVE-2010-4229)

A directory traversal vulnerability has been reported in Novell ZENworks. The vulnerability is due to improper handling of path names when uploading files via ZENworks Asset Management. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitra...

7.2AI score0.25428EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•33 views

Microsoft XML Core Services Nested Tag Memory Corruption- Ver2 (CVE-2007-0099)

A memory corruption vulnerability has been reported in Xml Core Services. The vulnerability is due to the way that Microsoft XML Core Services handles nested tags. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.2AI score0.24888EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•11 views

Trimble Navigation SketchUp BMP File Code Execution - Ver2 (CVE-2013-3663)

A remote code execution vulnerability exists in Trimble Navigation's SketchUp. The vulnerability is due to a heap buffer overflow while processing BMP files which contain malicious RLE data. Remote unauthenticated attackers can exploit this vulnerability by enticing a target user to open a...

9.3CVSS8AI score0.31864EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Oracle Java and JavaFX JPEGImageReader Memory Corruption - Ver2 (CVE-2013-2430)

A memory corruption vulnerability has been reported in Oracle Java and JavaFX. The vulnerability is due to improper safeguards against object manipulation. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page. Successful exploitation o...

7.6CVSS9.2AI score0.05724EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Microsoft Word MSO Null Pointer Dereference Denial of Service - Ver2 (CVE-2010-3200)

A denial-of-service vulnerability has been reported in Microsoft Word. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.1AI score0.10564EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Adobe Multiple Products authplay.dll PDF File Code Execution - Ver2 (CVE-2010-1297)

A code execution vulnerability has been reported in multiple Adobe products. The vulnerability is due to the authplay. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5AI score0.82365EPSS
Exploits22
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•38 views

Microsoft Windows Theme File Remote Code Execution - Ver2 (CVE-2013-0810)

A code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to improper handling of specially crafted Windows Theme file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.8AI score0.59885EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•21 views

Movable Type 4.2x 4.3x Upgrade Script RCE Script Injection - Ver2 (CVE-2012-6315)

A script injection and execution vulnerability has been reported in Movable Type. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary Perl code and SQL commands on the affected system...

8.1AI score
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•12 views

WordPress Complete Gallery Manager Plugin Arbitrary Code Execution - Ver2 (CVE-2013-5962)

A code execution vulnerability has been reported in Envato Complete Gallery Manager Plugin for WordPress. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.14771EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•41 views

Microsoft Excel OBJ Record Stack Overflow (MS10-038) - Ver2 (CVE-2010-0822)

Microsoft Excel is a spreadsheet application released by the Microsoft Corporation. Its native file format is the Binary Interchange File Format BIFF, which is available is several versions. An Excel file contains information about the various spreadsheets that form an Excel workbook, the data an...

9.3CVSS6.8AI score0.70121EPSS
Exploits21
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

Microsoft Word RTF Drawing Primitives Remote Code Execution (MS08-072) - Ver2 (CVE-2008-4028)

Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...

9.3CVSS7.2AI score0.38057EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•8 views

Best Software SalesLogix Authentication Bypass - Ver2 (CVE-2004-1612)

An authentication bypass vulnerability has been reported in Saleslogix Corporation Saleslogix. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

5.7AI score0.03266EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•36 views

Microsoft Word Section Table Array Buffer Overflow - Ver2 (CVE-2007-0515)

A buffer overflow vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a flaw in the Section Table entry inside the Table Stream structure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.3816EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•21 views

GestArt aide.php3 aide Parameter PHP Code Execution - Ver2 (CVE-2006-5612)

A code execution vulnerability has been reported in Michel Pradel Gestart. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6AI score0.03124EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•17 views

GomPlayer wav Buffer Overflow - Ver2 (CVE-2013-5716)

A buffer overflow vulnerability has been reported in Gomlab Gom Player. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.6AI score0.02154EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Oracle Java JPEGImageWriter Memory Corruption - Ver2 (CVE-2013-2429)

A memory corruption vulnerability has been reported in Oracle Java. The vulnerability is due to improper safeguards against object manipulation in stream writer callbacks from native code in com. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code...

9.2AI score0.05724EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•39 views

Microsoft Excel Incorrect BIFF2 Record Parsing Code Execution (MS11-072) - Ver2 (CVE-2011-1988)

A remote code execution vulnerability has been reported in Microsoft Excel. The vulnerability is due to a heap memory corruption while parsing certain BIFF2 records in Excel files. A remote attacker could exploit this vulnerability by enticing a target user to open a malicious BIFF2 file using a...

9.3CVSS7.5AI score0.18609EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•20 views

GDI PNG Heap Overflow - Ver2 (CVE-2009-2501)

A buffer overflow vulnerability has been reported in GDI+. An attacker could exploit this vulnerability via a crafted PNG image file. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.2AI score0.26824EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)

Mozilla Firefox is a very popular web browser developed by the Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs ...

9.3CVSS9.5AI score0.0649EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•5 views

Adobe Flash Player ActionScript Code Heap Buffer Overflow (APSB13-04) - Ver2 (CVE-2013-0634)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is caused due to an improper buffer allocation by the flash player PCRE engine. A remote attacker can exploit this issue by enticing a target user to open a web-page that contains a specially crafted...

9.3CVSS7.2AI score0.77597EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•19 views

Bharat Mediratta Gallery captionator.php GALLERY_BASEDIR Parameter PHP Code Execution - Ver2 (CVE-2002-1412)

A code execution vulnerability has been reported in Gallery Project Gallery. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.39498EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•4 views

Adobe Reader XFA Remote Code Execution - Ver2 (CVE-2013-0640)

A code execution vulnerability has been reported in Adobe Acrobat and Adobe Acrobat Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.4AI score0.86979EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•2 views

Firefox Plugin Finder Javascript Injection - Ver2 (CVE-2005-0752)

A code execution vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.04106EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•5 views

Mozilla Firefox XUL Tree Element Code Execution - Ver2 (CVE-2009-1044)

Mozilla Firefox is a very popular web browser developed by the Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs ...

9.3CVSS9.5AI score0.0649EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•24 views

Internet Explorer Selection Object Memory Corruption (MS11-050) - Ver2 (CVE-2011-1261)

This is a remote code execution vulnerability. When Internet Explorer attempts to access an object that has not been initialized or has been deleted, it may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user. Successful exploitation of...

9.3CVSS7.6AI score0.16935EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•20 views

Apple QuickTime STSD JPEG Atom Heap Corruption - Ver2 (CVE-2009-0007)

Apple's QuickTime is a multimedia player that supports a wide range of media formats. The software supports parsing and displaying picture files as well as numerous audio/video formats. There exists a heap buffer memory corruption vulnerability in Apple QuickTime. The vulnerability is due to lack...

9.3CVSS7.6AI score0.0772EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•21 views

Microsoft Internet Authentication Service MS-CHAP Security Bypass (MS09-071) - Ver2 (CVE-2009-3677)

An elevation of privilege vulnerability has been reported in the Internet Authentication Service. Internet Authentication Service IAS is the Microsoft implementation of a Remote Authentication Dial-in User Service RADIUS server and proxy. As a RADIUS server, IAS performs centralized connection...

10CVSS7AI score0.2182EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•15 views

Internet Explorer JavaScript window() Memory Corruption (MS05-054) - Ver2 (CVE-2005-1790)

Microsoft Internet Explorer is a web browser capable of displaying HTML encoded pages, downloading files, etc. This application has a built-in JavaScript interpreter. It is also capable of using Document Object Model DOM objects, in particular by providing access to them through JavaScript. A...

2.6CVSS7AI score0.83472EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•20 views

Microsoft DirectShow Crafted MJPEG Stream Handling Code Execution (MS10-033) - Ver2 (CVE-2010-1879)

Microsoft DirectShow is used for streaming media on Microsoft Windows operating systems. It is used for high-quality capture and playback of multimedia streams. Audio Video Interleave AVI is a file type that is used with applications that capture, edit, and play back audio-video sequences. A remo...

9.3CVSS7.5AI score0.20284EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•41 views

Lattice Semiconductor PAC-Designer Symbol Value Buffer Overflow - Ver2 (CVE-2012-2915)

A buffer overflow vulnerability has been reported in Lattice Semiconductor PAC-Designer. The vulnerability is due to the improper handling of validation of specially crafted pac files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the...

4.4AI score0.29465EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•35 views

KingView ActiveX Control Directory Traversal - Ver2 (CVE-2013-6128)

A directory traversal vulnerability has been reported in Wellintech Kingview. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitrary files and subsequently execute arbitrary code on the affected system...

5.8CVSS7.2AI score0.02562EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•9 views

Cyberlink Power2Go p2g Project Buffer Overflow - Ver2 (CVE-2011-5171)

A buffer overflow vulnerability has been reported in Cyberlink Power2go. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.5AI score0.45786EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•17 views

Zavio IP Camera Firmware 1.6.03 Authentication Bypass - Ver2 (CVE-2013-2567)

An authentication bypass vulnerability has been reported in the Zavio IP Camera firmware. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

8.7AI score0.14572EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•42 views

Dlink IP Camera Video Stream Authentication Bypass - Ver2 (CVE-2013-1600)

An authentication bypass vulnerability has been reported in several D-Link IP Cameras. Successful exploitation of this vulnerability would allow remote attackers to gain access to sensitive information and gain unauthorized access into the affected system...

5.1AI score0.18501EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•21 views

CSGuestbook csGuestbook.cgi setup Parameter Code Execution - Ver2 (CVE-2002-1750)

A code execution vulnerability has been reported in Cgiscript.net Csguestbook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.6AI score0.02176EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•23 views

Microsoft Word Cascading Style Sheet Processing Code Execution - Ver2 (CVE-2008-1434)

A code execution vulnerability has been reported in Microsoft Office Word. The vulnerability is due to a memory calculation error in Microsoft Word that fails to properly handle specially Word files that includes a malformed CSS value. Successful exploitation of this vulnerability could allow a...

7.3AI score0.30869EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•11 views

Internet Explorer removeChild Use After Free Code Execution (MS13-021) - Ver2 (CVE-2013-0094)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory that has been deleted. A remote attacker can exploit this issue by enticing a target victim to open a specially...

9.3CVSS7.3AI score0.18477EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•10 views

Squery libpath Parameter PHP Code Execution - Ver2 (CVE-2006-1610)

A code execution vulnerability has been reported in Squery. An attacker could exploit this vulnerability via a URL in the libpath parameter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.8AI score0.07481EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•22 views

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

7.5CVSS6.6AI score0.51684EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•18 views

Microsoft Windows GDI+ VML Gradient Buffer Overflow (MS08-052) - Ver2 (CVE-2007-5348)

Vector Markup Language VML is a set of XML tags used for exchange, editing, and delivery of vector graphics on the web. A remote code execution vulnerability has been reported in the way that GDI+ handles VML files. The vulnerability is due to a heap-based buffer overrun when GDI+ fails to proper...

9.3CVSS7.2AI score0.52886EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•38 views

Microsoft DirectShow AVI Parser Heap Overflow - Ver2 (CVE-2010-0250)

A buffer overflow vulnerability has been reported in Microsoft DirectShow. The vulnerability is due to the way Microsoft DirectShow component handles specially crafted AVI files. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected...

7.4AI score0.31862EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•6 views

Ultra Crypto Component Insecure Method Directory traversal - Ver2 (CVE-2007-4902)

A directory traversal vulnerability has been reported on Ultra Crypto. An attacker could exploit this vulnerability via full pathnames in the argument to the SaveToFile method. Successful exploitation of this vulnerability would allow a remote attacker to overwrite arbitrary files on the affected...

6.4CVSS6.5AI score0.05615EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•9 views

Apple Iphone OS Springboard Application Malformed Character Denial of Service - Ver2 (CVE-2010-1226)

A denial-of-service vulnerability has been reported in Apple Iphone OS. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

6.3AI score0.04995EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•25 views

Adobe Reader and Acrobat TTF MINDEX Code Execution (APSB12-08) - Ver2 (CVE-2012-0774)

A remote code execution vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

10CVSS9.5AI score0.15654EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•10 views

Microsoft MPEG Layer-3 Audio Decoder Stack Overflow (MS10-026) - Ver2 (CVE-2010-0480)

MPEG Layer-3 audio codecs are the MPEG Layer-3 Audio Codec for Microsoft DirectShow l3codecx.ax and the Fraunhofer IIS MPEG Layer-3 ACM codecs L3codeca.acm and L3codecp.acm. These MPEG Layer-3 audio codecs are provided along with Windows Media files on affected versions of Microsoft Windows. A...

9.3CVSS6.8AI score0.67888EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2014/03/31 12:0 a.m.•17 views

Microsoft Windows Mail HTML Link Program Execution - Ver2 (CVE-2007-1658)

A command and program execution vulnerability has been reported in Microsoft Windows Vista. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands and programs on the affected system...

7.1AI score0.35771EPSS
Exploits1
Total number of security vulnerabilities13538