Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2013/10/07 12:0 a.m.•26 views

IBM Lotus Quickr qp2.cab ActiveX Control Integer Overflow (CVE-2013-3026)

A buffer overflow vulnerability exists in IBM Lotus Quickr for Domino. The vulnerability is due to an integer overflow within the qp2.cab ActiveX control. A remote attacker can exploit this vulnerability by enticing a target user to visit a crafted web page using Internet Explorer. Successful...

9.3CVSS7.3AI score0.02898EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/07 12:0 a.m.•2 views

HP ProCurve Manager SNAC GetDomainControllerServlet Policy Bypass

A policy bypass vulnerability has been reported in HP ProCurve Manager SNAC. The vulnerability is due to a design weakness in the GetDomainControllerServlet class. A remote attacker could exploit the vulnerability by sending specially crafted data to a vulnerable version of the software. Successf...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/06 12:0 a.m.•14 views

HP LoadRunner XDR Data Handling Heap Buffer Overflow (CVE-2013-4799)

A heap buffer overflow vulnerability exists in HP LoadRunner. The vulnerability is due to an insufficient check on the length value of XDR encoded data within an incoming request. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted request to the...

7.6CVSS6.9AI score0.08249EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/10/06 12:0 a.m.•38 views

Foreman Red Hat OpenStack bookmarks Code Injection (CVE-2013-2121)

A remote code execution vulnerability has been reported in ForemanRed Hat OpenStack. The vulnerability is due to improper sanitization of certain parameters. A remote attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation would allow an...

6CVSS7.7AI score0.24782EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/09/30 12:0 a.m.•5 views

TCP Off Path Sequence Number Inference

An Internet connection hijack vulnerability has been reported in network devices...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/30 12:0 a.m.•2 views

PineApp Mail-SeCure confpremenu.php Install License Command Injection

A command injection vulnerability has been reported in PineApp Mail-SeCure...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/30 12:0 a.m.•7 views

Oracle Java Runtime Environment ShortComponentRaster.verify Memory Corruption (CVE-2013-2472)

A memory corruption vulnerability exists in Oracle's Java Runtime. The vulnerability is due to insufficient input validation on ShortComponentRaster.verify method parameters which will lead to bypassing of "dataOffsets0" boundary checks when the "numDataElements" field is 0. A remote attacker can...

10CVSS7.2AI score0.22988EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/29 12:0 a.m.•56 views

Multiple Products XML System External Entity Information Disclosure (CVE-2013-3617; CVE-2013-4152; CVE-2013-6429; CVE-2014-0002; CVE-2014-0054; CVE-2014-0423)

A XML external entity XXE vulnerability exists in multiple products. The vulnerability is due to incorrectly configured XML parsing which accepts XML external entities from untrusted sources. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the...

7.5CVSS6.2AI score0.91354EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/09/29 12:0 a.m.•39 views

XnView PCT File Processing Buffer Overflow (CVE-2013-2577)

A buffer overflow vulnerability exists in XnView. The vulnerability is due to a boundary error in processing image data in certain PCT files. An attacker can exploit this vulnerability by enticing a user to open a maliciously crafted file. A successful attack can lead to arbitrary code execution ...

9.3CVSS9.5AI score0.11839EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/09/29 12:0 a.m.•41 views

HP Data Protector CRS Opcode 235 Stack Buffer Overflow (CVE-2013-2325)

A stack buffer overflow has been discovered in HP Data Protector. The vulnerability exists in the Cell Request service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 235, which can result in a stack buffer overflow. A remote, unauthenticated...

10CVSS6.9AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/29 12:0 a.m.•52 views

Multiple Products XML Public External Entity Information Disclosure (CVE-2013-3617; CVE-2013-4152; CVE-2013-6429; CVE-2014-0002; CVE-2014-0423)

A XML external entity XXE vulnerability exists in multiple products. The vulnerability is due to incorrectly configured XML parsing which accepts XML external entities from untrusted sources. A remote, unauthenticated attacker can leverage this vulnerability by sending a malicious request to the...

7.5CVSS6.2AI score0.90455EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•3 views

PHP php_quot_print_encode Heap Buffer Overflow (CVE-2013-2110)

A heap buffer vulnerability exists in phpquotprintencode function in PHP...

6.5AI score0.06748EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•5 views

Mozilla Firefox XMLSerializer use-after-free (CVE-2013-0753)

A use-after-free vulnerability has been reported in Mozilla Firefox...

6.6AI score0.51324EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•69 views

HP SiteScope SOAP Call runOMAgentCommand Command Injection (CVE-2013-2367)

A command injection vulnerability exists in HP SiteScope SOAP component...

7AI score0.68895EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•12 views

Sun Java Web Start Double Quote Injection (CVE-2012-1533)

A remote code execution vulnerability has been in Java Web Start...

6.1AI score0.68532EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•4 views

Apple QuickTime enof Atom Parsing Heap Buffer Overflow (CVE-2013-0986)

A remote code execution vulnerability has been reported in Apple QuickTime...

7.3AI score0.04954EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•1 views

PineApp Mail-SeCure confpremenu.php Export Log Command Injection

A command execution vulnerability has been reported in PineApp Mail-SeCure...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•20 views

Trimble Navigation SketchUp BMP File Buffer Overflow (CVE-2013-3664)

A remote code execution vulnerability exists in Trimble Navigation's Sketchup...

7.3AI score0.29778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•18 views

HP LeftHand Virtual SAN Appliance Hydra Login Code Execution (CVE-2012-3284)

A Code Execution vulnerability has been reported in HP LeftHand Virtual SAN Appliance...

6.7AI score0.08695EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•2 views

PineApp Mail-SeCure conflivelog.pl Command Injection

A command injection vulnerability exists in PineApp Mail-SeCure. The vulnerability is due to an input validation error in conflivelog.pl of the administration interface. A remote attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable server. Successful...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•4 views

appRain CMF Arbitrary PHP File Upload (CVE-2012-1153)

An arbitrary file upload vulnerability has been reported in appRain's Content Management Framework...

6.6AI score0.32413EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•34 views

Multiple DNS NO SUCH NAME Error Responses (CVE-2012-0006)

The Domain Name System DNS is an hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. When a DNS client needs to look up a name used in a program, it queries DNS servers to resolve the name. If the query names are...

5CVSS6.2AI score0.31083EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•38 views

ScadaTEC ScadaPhone and ModbusTagServer SCADA Remote Code Execution (CVE-2011-4535)

A stack buffer overflow vulnerability has been reported in ScadaTEC ScadaPhone and ModbusTagServer...

6.9AI score0.27003EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•57 views

Apple QuickTime alis Volume Name Parsing Stack Buffer Overflow (CVE-2013-1017)

A stack buffer overflow vulnerability has been reported in Apple QuickTime...

6.7AI score0.32553EPSS
Exploits11
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•30 views

Tiki Wiki PHP unserialize() Remote Code Execution (CVE-2012-0911)

A remote code execution vulnerability has been reported in Tiki Wiki...

7.4AI score0.62989EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•44 views

HP LoadRunner WriteFileString Directory Traversal - ver 2 (CVE-2013-4798)

A directory traversal and file overwrite vulnerability exists in HP LoadRunner. The vulnerability is due to insufficient input sanitization, which permits directory traversal in theWriteFileString method. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to visi...

10CVSS6.3AI score0.67723EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•15 views

Procyon Core Server HMI Memory Corruption SCADA Remote Code Execution (CVE-2011-3322)

A remote overflow vulnerability has been reported in Procyon Core Server HMI service...

3.4AI score0.65312EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/09/22 12:0 a.m.•54 views

HP LoadRunner lrFileIOService ActiveX Control Input Validation Error (CVE-2013-2370)

An input validation error has been reported in HP LoadRunner...

6.4AI score0.62764EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/09/19 12:0 a.m.•42 views

Chasys Draw IES BMP Buffer Overflow (CVE-2013-3928)

A buffer overflow vulnerability has been reported in Chasys Draw IES. The vulnerability is due to an image parsing input validation error in Chasys Draw IES when parsing a file in BMP format. A remote attacker could trigger this issue via a specially crafted BMP file. Successful exploitation will...

9.3CVSS7.2AI score0.37328EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/09/18 12:0 a.m.•25 views

Microsoft Internet Explorer Memory Corruption (CVE-2013-3893)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.8593EPSS
Exploits18
Check Point Advisories
Check Point Advisories
•added 2013/09/17 12:0 a.m.•72 views

Oracle Endeca Server createDataStore Remote Command Execution (CVE-2013-3763)

A command execution vulnerability exists in Oracle Endeca Server. The vulnerability is due to the controlSoapBinding web service exposing the createDataStore method which contains a flaw that allows for the injection of arbitrary commands. A remote, unauthenticated attacker could exploit this...

5.5CVSS6.9AI score0.5984EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/09/16 12:0 a.m.•2 views

VLC Media Player ABC File Parts Field Parsing Heap Integer Overflow

A remote code execution vulnerability has been reported in the libmodplug library used by VLC Media Player. The vulnerability is due to an error while parsing Parts field in ABC files which can result in an integer overflow. A remote attacker can exploit this vulnerability by enticing an...

7.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/15 12:0 a.m.•9 views

Scada Engine BACnet OPC Client SCADA Remote Code Execution (CVE-2010-4740)

A buffer overflow vulnerability has been reported in SCADA Engine's BACnet OPC Client. The vulnerability is due to a boundary check error. A remote attacker may exploit this issue by sending specially crafted malicious file to be opened using the affected product. Successful exploitation could...

9.3CVSS7.5AI score0.41619EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/09/11 12:0 a.m.•9 views

HP Data Protector CRS Multiple Opcodes Stack Buffer Overflow (CVE-2013-2324)

A buffer overflow vulnerability has been reported in HP Data Protector. The vulnerability exists in the Cell Request Service CRS.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcodes 207, 210, 236, 243, and 265 which can result in a stack buffer...

10CVSS7.7AI score0.39116EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•20 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3207)

A remote code execution vulnerability exists in Internet Explorer...

3.1AI score0.19345EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•6 views

Microsoft Word Memory Corruption (MS13-072: CVE-2013-3854)

A remote code execution vulnerability has been reported in Microsoft Word...

7.3AI score0.20145EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•16 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3206)

A remote code execution vulnerability exists in Internet Explorer...

7.3AI score0.19345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•11 views

Microsoft Excel Read Access Violation Remote Code Execution (MS13-073; CVE-2013-3158)

A remote code execution vulnerability has been reported in Microsoft Excel...

7.3AI score0.18778EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•6 views

Microsoft Word Memory Corruption (MS13-072: CVE-2013-3856)

A remote code execution vulnerability has been reported in Microsoft Word...

7.3AI score0.20145EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3209)

A remote code execution vulnerability exists in Internet Explorer...

7.3AI score0.19189EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•10 views

Microsoft Word Memory Corruption (MS13-072: CVE-2013-3852)

A remote code execution vulnerability has been reported in Microsoft Word...

7.3AI score0.20043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•17 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3208)

A remote code execution vulnerability exists in Internet Explorer...

7.4AI score0.19345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•6 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3845)

A Remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7AI score0.19345EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•8 views

Microsoft LDAP Remote Anonymous Denial of Service (MS13-079; CVE-2013-3868)

A denial of service vulnerability exists in implementations of Microsoft Active Directory...

6.1AI score0.38293EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•3 views

WPD files

WordPerfect documents have common file extensions ".WP" and ".WPD", which is used by Corel's proprietary word processing application, WordPerfect. Its popularity was based on the fact that it had been available for a wide variety of computers and operation systems, including Mac OS, Linux, and...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•12 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3204)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7.3AI score0.19189EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•11 views

Microsoft SharePoint POST Cross-site Scripting (MS13-067; CVE-2013-3180)

An elevation of privilege exists in Microsoft SharePoint Server...

6.3AI score0.65573EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•26 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3203)

A remote code execution vulnerability has been reported in Microsoft Internet Explorer...

7.3AI score0.23912EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•16 views

Microsoft Internet Explorer Memory Corruption (MS13-069: CVE-2013-3205)

A remote code execution vulnerability exists in Internet Explorer...

7.3AI score0.66277EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/09/10 12:0 a.m.•23 views

Microsoft FrontPage XML Information Disclosure (MS13-078; CVE-2013-3137)

An information disclosure vulnerability exists in FrontPage...

5.8AI score0.32444EPSS
Exploits1
Total number of security vulnerabilities13538