Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2014/01/20 12:0 a.m.•29 views

VERITAS NetBackup vmd Shared Library Buffer Overflow - ver 2 (CVE-2005-3116)

The Symantec VERITAS NetBackup Server product suite is an enterprise backup system solution available for various platforms. It is capable of performing scheduled automatic backups as well as manual backups invoked by a client. A minimal backup environment consists of backup clients and a master...

10CVSS7.3AI score0.27617EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/01/20 12:0 a.m.•17 views

Microsoft Office 2013 Token Hijacking Information Disclosure (MS13-104; CVE-2013-5054)

An information disclosure vulnerability has been reported in Microsoft Office. The vulnerability is due to an error in the way Microsoft Office handles specially crafted responses. A remote attacker can exploit this issue by enticing a victim to open an Office file hosted on a malicious website...

4.3CVSS5.7AI score0.12769EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/19 12:0 a.m.•25 views

NTP Servers Monlist Command Denial of Service (CVE-2013-5211)

There exists a design flaw in NTP servers that can allow attackers to perform DoS attacks against target machines. A remote attacker can leverage this flaw by sending a specially crafted request to an affected NTP server...

5.3AI score0.97549EPSS
Exploits23
Check Point Advisories
Check Point Advisories
•added 2014/01/14 12:0 a.m.•0 views

Suspicious JavaScript Encoding

Certain evasion tools can obfuscate JavaScript code in order to circumvent security software. Successful exploitation could allow attackers to execute arbitrary code on the target...

7.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/14 12:0 a.m.•3 views

JavaScript Payload Encoding

Certain JavaScript obfuscation schemes can be used to circumvent security software. These methods could allow attackers to execute arbitrary code on a target machine...

7.7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/14 12:0 a.m.•4 views

Adobe Flash Player Type Confusion Arbitrary Code Execution (APSB13-28; CVE-2013-5331)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type confusion condition while handling a malformed SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file. Successful exploitation...

3.1AI score0.72495EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/01/13 12:0 a.m.•48 views

RealNetworks RealPlayer RMP File Heap Buffer Overflow (CVE-2013-6877)

A heap buffer overflow exists in RealNetworks RealPlayer. The vulnerability is due an error when handling RMP files, overly long values for certain tags can result in a heap buffer overflow. A remote unauthenticated attacker could exploit this vulnerability by enticing a user to open a crafted RM...

9.3CVSS2.2AI score0.11345EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2014/01/12 12:0 a.m.•42 views

Zimbra Collaboration Server Local File Inclusion (CVE-2013-7091)

A local file include vulnerability has been reported in Zimbra Collaboration Server. The vulnerability is due to insufficient validation of user-supplied input. A remote attacker can exploit this vulnerability to retrieve sensitive information like LDAP root credentials...

5CVSS8.5AI score0.86196EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•2 views

Flashchat aedating4CMS.php dirinc Parameter PHP Code Execution - Ver2 (CVE-2006-4583)

A code execution vulnerability has been reported in FlashChat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.03717EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•2 views

Mozilla Firefox Event Handler Privilege Escalation - Ver2 (CVE-2007-3737)

A privilege escalation vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.5AI score0.04618EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•2 views

Mozilla Firefox New Function Garbage Collection Code Execution - Ver2 (CVE-2006-3803)

A code execution vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by causing the garbage collector to delete a temporary variable while it is still being used during the creation of a new Function object. Successful exploitation of this...

5.1CVSS7.5AI score0.04378EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•12 views

PHP POST File Upload PHP GLOBALS Variable Overwrite Security Bypass - Ver2 (CVE-2005-3390)

A security bypass vulnerability has been reported in PHP. A remote attacker could exploit this vulnerability via a multipart/form-data POST request with a "GLOBALS" fileupload field. Successful exploitation of this vulnerability could allow a remote attacker to bypass security protections of PHP...

7.5CVSS6.3AI score0.65512EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•7 views

WMNews index.php base_datapath Parameter PHP Code Execution - Ver2 (CVE-2006-3928)

A code execution vulnerability has been reported in WMNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.03188EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•6 views

Ultimate PHP Board User-Agent HTTP Header Code Execution - Ver2 (CVE-2003-0395)

A code execution vulnerability has been reported in Ultimate PHP Board. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.6AI score0.02531EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•4 views

Apple Safari Webkit Floating Point Data Type Code Execution - Ver2 (CVE-2010-1807)

Safari is a web browsing application developed by Apple. Safari browsing functionality is built around the set of components called WebKit. WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A...

9.3CVSS9.2AI score0.61319EPSS
Exploits13
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•17 views

VEGO Web Forum login.php username Parameter SQL Injection - Ver2 (CVE-2006-0067)

An SQL injection vulnerability has been reported in VEGO Links Builder. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.01243EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•13 views

Internet Explorer Keystroke Hijack Information Disclosure - Ver2 (CVE-2006-2900)

An information disclosure vulnerability has been reported in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

4CVSS5.5AI score0.1261EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•27 views

PHP POST File Upload Buffer Overflow - Ver2 (CVE-2002-0081)

A buffer overflow vulnerability has been reported in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.24256EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•12 views

WebBBS webbbs_config.pl followup Parameter Command Execution - Ver2 (CVE-2002-1993)

A command execution vulnerability has been reported in WebBBS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS7.3AI score0.11885EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•20 views

Solaris rwalld Format String - Ver2 (CVE-2002-0573)

A format string vulnerability has been reported in Sun Solaris. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.2AI score0.09217EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•15 views

FreeBSD Remote NFS RPC Request Denial of Service - Ver2 (CVE-2006-0900)

A denial of service vulnerability was detected in FreeBSD. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

7.8CVSS6.1AI score0.64373EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•19 views

Orbit Downloader Long URL Stack Buffer Overflow - Ver2 (CVE-2009-0187)

Orbit Downloader, developed by Orbit Downloader Team, is a graphical download manager for Microsoft Windows operating system. Orbit Downloader works with all major browsers like Opera, Mozilla Firefox, Microsoft Internet Explorer, Maxthon, and Netscape. A buffer overflow vulnerability exists in...

9.3CVSS7.6AI score0.39984EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•20 views

PhpSecurePages secure.php cfgProgDir Parameter PHP Code Execution - Ver2 (CVE-2001-1468)

A code execution vulnerability has been reported in phpSecurePages. A remote attacker could trigger this vulnerability by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code. Successful exploitation of this vulnerability could allow a remote attacke...

7.5CVSS7.5AI score0.01858EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•8 views

ME Download System header.php Parameter PHP Code Execution - Ver2 (CVE-2006-4053)

A code execution vulnerability has been reported in ME Download System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

5.1CVSS7.5AI score0.03358EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•6 views

Ultimate Fun Book function.php gbpfad Parameter PHP Code Execution - Ver2 (CVE-2007-1059)

A code execution vulnerability has been reported in Ultimate Fun Book. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS7.5AI score0.03048EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•5 views

Bit 5 Blog processlogin.php username Parameter SQL Injection - Ver2 (CVE-2006-0320)

An SQL injection vulnerability has been reported in Bit 5 Blog. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.0141EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•14 views

Apple Safari parent.close Code Execution - Ver2 (CVE-2010-1939)

Safari is a web browsing application developed by Apple. A remote code execution vulnerability has been discovered in Apple Safari. The vulnerability is due to an error in Apple Safari while handling the termination and subsequent referencing between child and parent windows. To trigger this issu...

7.6CVSS7.1AI score0.14708EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•23 views

Microsoft Internet Explorer HTML Dynamic Page Reloading Memory Corruption - Ver2 (CVE-2007-0946)

A memory corruption vulnerability has been reported in Microsoft Internet Explorer. A remote attacker could trigger this vulnerability by enticing a vulnerable target to access a specially crafted HTML document. Successful exploitation of this vulnerability could allow a remote attacker to execut...

9.3CVSS7.1AI score0.30978EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•8 views

AnnoncesV annonce.php page Parameter PHP Code Execution - Ver2 (CVE-2006-4622)

A code execution vulnerability has been reported in AnnonceV. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS5.4AI score0.03357EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•23 views

Mac OS X Safari x-man-page URI Terminal Escape Command Execution - Ver2 (CVE-2005-1342)

A command execution vulnerability has been reported in Apple Mac OS X. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS7.2AI score0.05213EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•20 views

Oracle 9i HTTP Server Web Administration Access Privilege Escalation - Ver2 (CVE-2002-0561)

A privilege escalation vulnerability has been reported in Oracle 9i Application Server. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

7.5CVSS6.7AI score0.09666EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•43 views

Microsoft Indexing Service ActiveX Memory Corruption (MS09-057) - Ver2 (CVE-2009-2507)

The Microsoft Windows Indexing Service is a base service that extracts content from files and constructs an indexed catalog to facilitate efficient and rapid searching. A remote code execution vulnerability has been reported in the Microsoft Indexing Service. The vulnerability is caused by an...

9.3CVSS7AI score0.19291EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•3 views

Mozilla Firefox CSS Border Width Memory Corruption - Ver2 (CVE-2006-1739)

A memory corruption vulnerability has been reported in Mozilla Firefox, Mozilla Thunderbird and Mozilla Seamonkey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9.3CVSS7.3AI score0.08251EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•24 views

Microsoft IIS ASP Handling Code Execution (MS08-006) - Ver2 (CVE-2008-0075)

Microsoft Internet Information Services IIS is a multi-featured server product that ships with all versions of Microsoft. The product provides FTP, SMTP, NNTP and HTTP services. The HTTP component, known as the WWW Publishing Service, allows for the serving of dynamic content, notably in the form...

10CVSS7.4AI score0.57167EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•2 views

Mozilla Firefox Style Engine Position Change Memory Corruption - Ver2 (CVE-2006-0294)

A memory corruption vulnerability has been reported in Mozilla Firefox. A remote attacker could trigger this vulnerability by changing an element's style from position:relative to position:static which causes Gecko to operate on freed memory. Successful exploitation of this vulnerability could...

7.5CVSS7.3AI score0.04815EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•6 views

Sabdrimer advanced1.php pluginpath0 Parameter CMS PHP Code Execution - Ver2 (CVE-2006-3520)

A code execution vulnerability has been reported in Sabdrimer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.0249EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•3 views

Mozilla Firefox Javascript XBL Compilation Code Execution - Ver2 (CVE-2006-1733)

A code execution vulnerability has been reported in Mozilla Firefox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS7.5AI score0.05077EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•3 views

PHPjournaler index.php readold Parameter SQL Injection - Ver2 (CVE-2006-0066)

An SQL injection vulnerability has been reported in PHPjournaler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.01281EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•38 views

OPENi-CMS Plugin index.php oi_dir Parameter PHP Code Execution - Ver2 (CVE-2007-0881)

A code execution vulnerability has been reported inSeitenschutz plugin for OPENi-CMS 1.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

6.8CVSS4.8AI score0.02848EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•11 views

PHPLiveHelper global.php abs_path Parameter PHP Code Execution - Ver2 (CVE-2006-4051)

A code execution vulnerability has been reported in Turnkey Web Tools PHP Live Helper. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.6AI score0.08144EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•13 views

SaveWebPortal SITE_Path Parameter PHP Code Execution - Ver2 (CVE-2005-2687)

A code execution vulnerability has been reported in SaveWebPortal. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.01659EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•62 views

Novell Client nwspool.dll EnumPrinters Function Stack Buffer Overflow - Ver2 (CVE-2008-0639)

There exists a buffer overflow vulnerability in the way Novel Client for Windows handles RPC requests. The vulnerability is due to lack of boundary protection while processing RPC requests. A remote unauthenticated attacker may exploit this vulnerability to cause a denial of service condition or...

10CVSS7.7AI score0.23186EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•4 views

InTouch index.php user Parameter SQL Injection - Ver2 (CVE-2006-0088)

An SQL injection vulnerability has been reported in inTouch. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.01281EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•25 views

Internet Explorer Null Byte Information Disclosure (MS12-010) - Ver2 (CVE-2012-0012)

An information disclosure vulnerability has been reported in Internet Explorer. The vulnerability occurs during certain processes, in which Internet Explorer incorrectly allows attackers to view content from the process memory. A remote attacker may exploit this issue by enticing target users to...

4.3CVSS5.7AI score0.16915EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•19 views

phpMYAdmin goto Parameter PHP Code Execution - Ver2 (CVE-2001-0478)

A code execution vulnerability has been reported in phpMYAdmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.04819EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•5 views

Mozilla Products Graphics and XML Features Integer Overflows - Ver2 (CVE-2006-0297)

An integer overflow vulnerability has been reported in multiple versions of Mozilla products. The vulnerability is due to improper validation of XML property values when parsing images in SVG format. A remote attacker may leverage the vulnerability by enticing the victim to visit a malicious web...

5.1CVSS6.7AI score0.03852EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•9 views

PollMentor pollmentorres.asp id Parameter SQL Injection - Ver2 (CVE-2007-0984)

An SQL injection vulnerability has been reported in PollMentor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.01175EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•3 views

Benders Calendar index.php this_day Parameter SQL Injection - Ver2 (CVE-2006-0252)

An SQL injection vulnerability has been reported in Benders Calendar. A remote attacker could trigger this vulnerability via the year, month and day parameters. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS8.1AI score0.0155EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•14 views

FlashGameScript index.php func Parameter PHP Code Execution - Ver2 (CVE-2007-1078)

A code execution vulnerability has been reported in FlashGameScript. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.03233EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2014/01/07 12:0 a.m.•27 views

Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow - Ver2 (CVE-2002-0965)

A buffer overflow vulnerability has been reported in TNS Listener for Oracle 9i Database Server on Windows systems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS7.5AI score0.6981EPSS
Exploits3
Total number of security vulnerabilities13538