Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/03/13 12:0 a.m.•23 views

VLC Media Player RTSP Plugin Stack Buffer Overflow (CVE-2013-6933)

A stack buffer overflow exists in VideoLAN VLC Media Player. The vulnerability is due an error in VLC's embedded Live555 RTSP library, when handling RTSP requests. Incorrect handling of RTSP commands can result in a stack buffer overflow. A remote unauthenticated attacker could exploit this...

3.2AI score0.17415EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/13 12:0 a.m.•20 views

VICIdial Manager Send OS Command Injection (CVE-2013-4468)

An OS Command Injection vulnerability has been reported in VICIdial Manager. The vulnerability is due to a web application uses unsanitized user input. A remote attacker could trigger this flaw by using a crafted SQL parameter value...

6.5CVSS3.6AI score0.31756EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2014/03/13 12:0 a.m.•13 views

WellinTech Multiple Products kxClientDownload ActiveX Remote Code Execution (CVE-2013-2827)

A remote code execution vulnerability exists in WellinTech multiple products. The vulnerability exists in ClientDownload.ocx ActiveX control and is due to insufficient sanitization of ProjectURL property. A remote unauthenticated attacker can leverage this vulnerability to download and load an...

7.5AI score0.49235EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/12 12:0 a.m.•50 views

HP Data Protector Opcode 42 Directory Traversal (CVE-2013-6194)

A directory traversal vulnerability has been reported in HP Data Protector. The vulnerability is due to a lack of input sanitization on a file name provided with Opcode 42. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable service...

4.5AI score0.65924EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2014/03/12 12:0 a.m.•20 views

HP Data Protector Opcode 45 and 46 Code Execution (CVE-2013-2348)

Multiple vulnerabilities have been reported in HP Data Protector. Both vulnerabilities are due to insufficient input validation on a string supplied with a message containing opcodes 45 or 46. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the...

2.9AI score0.10436EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/12 12:0 a.m.•33 views

HP Data Protector EXEC_BAR Command Execution (CVE-2013-2347)

A command execution vulnerability has been reported in HP Data Protector. The vulnerability is due to a lack of input sanitization on a string provided with Opcode 11. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable service...

3AI score0.66409EPSS
Exploits14
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•0 views

Web Servers HTTP Response Splitter Cache Poisoning

A Cache Poisoning vulnerability has been identified in multiple web servers. The vulnerability is due to an error in the way the web server sanitizes user input. A remote attacker can exploit this vulnerability by sending a malicious request to the server...

2.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0298)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

4.9AI score0.12736EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•3 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0324)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open ...

9.3CVSS7.8AI score0.20414EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•1 views

OpenVAS Security Scanner

OpenVAS is a vulnerability scanning product. Remote attackers can use OpenVAS to detect vulnerabilities on a target server...

3.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•29 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0297)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.7AI score0.21664EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•21 views

Kerberos Cross-Realm Referrals KDC NULL Pointer Dereference Denial of Service (CVE-2013-1417)

A denial of service vulnerability has been reported in Kerberos. The vulnerability is due to a NULL pointer dereference within the "processtgsreq" function. A remote attacker can exploit this vulnerability by sending a specially crafted request to a KDC serving a realm...

3.7AI score0.01932EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0306)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open ...

9.3CVSS7.8AI score0.12736EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0302)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.7AI score0.20501EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•16 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0305)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

7.7AI score0.13486EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0309)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open ...

7.8AI score0.20414EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•7 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0311)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.7AI score0.12736EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0312)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open ...

7.8AI score0.21573EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•12 views

Microsoft Word Memory Corruption (MS14-001; CVE-2014-0258)

A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is caused when Microsoft Word does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing a user to open a specially craft...

8.7AI score0.15564EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•14 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0303)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

4.9AI score0.20501EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•14 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0314)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open ...

4.8AI score0.20414EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•15 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0313)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...

9.3CVSS7.7AI score0.2184EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•34 views

Microsoft ASP.NET POST Request Denial of Service (MS14-009; CVE-2014-0253)

A denial of service vulnerability exists in Microsoft ASP.NET. The vulnerability is caused when the .NET Framework improperly identifies stale or closed HTTP client connections. A remote attacker can trigger this flaw by sending a small number of specially crafted requests to an affected server...

1.4AI score0.38697EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0299)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

7.7AI score0.20501EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•19 views

Microsoft Internet Explorer Memory Corruption (MS14-012: CVE-2014-0304)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way Internet Explorer accesses an object in memory. A remote attacker can exploit this issue by enticing a victim to view a specially crafted website with an affecte...

9.3CVSS7.6AI score0.2098EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/11 12:0 a.m.•50 views

Symantec Endpoint Protection Manager XML External Entity Denial Of Service (CVE-2013-5014)

A XML external entity XXE vulnerability exists in Symantec Endpoint Protection Manager SEPM. This is due to an incorrectly configured XML parser in the management console that readily processes XML external entities. A remote unauthenticated attacker may exploit this vulnerability via specially...

7.5CVSS1.3AI score0.67573EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•3 views

OpenSSL DTLS Retransmission Denial of Service (CVE-2013-6450)

A use after free vulnerability has been reported in OpenSSL's handling of DTLS. The flaw is due to the clearing of DTLS context variable prior to a retransmission. This could lead to the OpenSSL application crashing resulting in a denial of service condition. A remote attacker could exploit this...

1.9AI score0.14542EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•0 views

Joomla! JomSocial Input Validation Remote Code Execution

A remote code execution vulnerability has been reported in Joomla!. The vulnerability is due to improper validation of user data. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the target...

7.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•2 views

ESF pfSense Snort snort_log_view.php Information Disclosure

An information disclosure vulnerability exists in the pfSense Snort service. The vulnerability is due to insufficient validation of user-supplied input. A remote, authenticated attacker could use this vulnerability to retrieve valuable information from the server...

6.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•2 views

DirBuster Security Scanner

DirBuster is a vulnerability scanning product. Remote attackers can use DirBuster to detect vulnerabilities on a target server...

3.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•16 views

HP AIO Archive Query Server oasoa.exe Stack Buffer Overflow (CVE-2013-6189)

A stack buffer overflow vulnerability exists in HP Application Information Optimizer. The vulnerability is due to insufficient sanitization on the range of the opcode value. A remote unauthenticated attacker can leverage this vulnerability by sending crafted messages to the server...

3.1AI score0.16607EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/09 12:0 a.m.•1 views

ESF pfSense webConfigurator firewall_aliases_edit.php Input Validation Error

An input validation error vulnerability exists in Electric Sheep Fencing pfSense firewall. The vulnerability is due to insufficient validation of user supplied input when processing the addressN parameter in firewallaliasesedit.php. A remote authenticated attacker could exploit this vulnerability...

6.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/06 12:0 a.m.•4 views

OpenSSL ssl_get_algorithm2 TLS Denial of Service (CVE-2013-6449)

A denial of service vulnerability has been reported in OpenSSL. The vulnerability is due to an error in sslgetalgorithms2 where the SSL/TLS version is obtained from an incorrect structure leading to a NULL pointer dereference when computing a message digest. A remote unauthenticated attacker can...

4.3CVSS7.5AI score0.21174EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/05 12:0 a.m.•7 views

Apache Tomcat Large Chunked Transfer Denial of Service (CVE-2013-4322)

A denial of service vulnerability has been reported in Apache Tomcat. This vulnerability is due to Tomcat not discarding any extensions included in very long Chunked-transfer requests, even if they were not processed. A remote attacker could exploit this vulnerability by sending a large amount of...

4.3CVSS7.9AI score0.09458EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•43 views

phpBB viewtopic.php URL Decoding Code Execution - ver 2 (CVE-2004-1315)

A code injection and execution vulnerability has been reported in phpBB. The vulnerability is due to lack of input validation on the highlight parameter supplied to viewtopic.php. A remote attacker can exploit this issue by injecting malicious SQL code to the target server. Successful exploitatio...

2.8AI score0.72096EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•10 views

Adobe Flash Player Memory Corruption (APSB14-07: CVE-2014-0499)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

7.8CVSS6.5AI score0.03712EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•32 views

WordPress Plugin AdRotate SQL Injection (CVE-2014-1854)

An SQL injection vulnerability has been reported in the AdRotate plugin for WordPress. Remote attacker can exploit this vulnerability to execute arbitrary SQL commands on the target...

7.5CVSS8.2AI score0.05412EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/03/04 12:0 a.m.•10 views

Adobe Flash Player Memory Corruption (APSB14-07: CVE-2014-0498)

A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file...

10CVSS6.5AI score0.07223EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•4 views

Microsoft WordPad Text Converter Buffer Overflow - Ver2 (CVE-2010-2563)

A buffer overflow vulnerability has been reported in Microsoft Windows Server 2003 Service Pack 2. A remote attacker could trigger this vulnerability by enticing a vulnerable target to open a specially crafted document file. Successful exploitation of this vulnerability could allow a remote...

7.4AI score0.18574EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•2 views

Redmine Repository Controller Command Execution - Ver2 (CVE-2011-4929)

A command execution vulnerability has been reported in Redmine. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS7.3AI score0.46401EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•3 views

Mozilla Firefox Link Tag Code Execution - Ver2 (CVE-2005-1155)

A code execution vulnerability has been reported in Mozilla Firefox and Mozilla Mozilla. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5AI score0.08283EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•3 views

Firefox Hyphenated URL Buffer Overflow - Ver2 (CVE-2005-2871)

A buffer overflow vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.6AI score0.21112EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•11 views

Windows MP3 Media File Format Parsing Code Execution - Ver2 (CVE-2009-2499)

A code execution vulnerability has been reported in Microsoft Windows. A remote attacker could exploit this vulnerability by convincing a user to open a specially crafted MP3 file or receive specially crafted streaming content. Successful exploitation of this vulnerability could allow a remote...

7.3AI score0.15546EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•2 views

Mozilla Firefox Javascript Deleted Frame Reference Code Execution - Ver2 (CVE-2006-3801)

A code execution vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.04345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•18 views

SAP Internet Transaction Server wgate.dll service Parameter XSS - Ver2 (CVE-2003-0749)

A cross-site scripting vulnerability has been reported in SAP Internet Transaction Server. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

6.8CVSS5.8AI score0.03647EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•7 views

Microsoft Office Excel Field Sanitization Remote Code Execution (MS09-067) - Ver2 (CVE-2009-3134)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly parse the Excel spreadsheet file format. A remote attacker could trigger this...

9.3CVSS7.2AI score0.25777EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•22 views

Adobe Reader JavaScript spell.customDictionaryOpen Method Memory Corruption - Ver2 (CVE-2009-1493)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. A buffer...

6.8CVSS7.2AI score0.21826EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•4 views

Oracle Java java.util.concurrent.ConcurrentHashMap Memory Corruption - Ver2 (CVE-2013-2426)

A memory corruption vulnerability has been reported in Oracle Java. This protection will detect and block attempts to exploit this vulnerability...

9.3CVSS8.9AI score0.05691EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•6 views

Microsoft Excel Embedded Object Validation Integer Overflow - Ver2 (CVE-2008-3477)

An integer overflow vulnerability has been reported inMicrosoft Office Excel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.1AI score0.35685EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/03/03 12:0 a.m.•1 views

Neutrino Exploit Kit Landing Page Code Execution

Neutrino is an exploit kit that operates by delivering malicious payload to a victim's computer. Remote attackers can infect users with Neutrino by enticing them to visit a malicious landing page...

5.4AI score
Exploits0
Total number of security vulnerabilities13538