Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•4 views

PHP xml_parse_into_struct Heap Memory Corruption (CVE-2013-4113)

A heap memory corruption vulnerability exists in xmlparseintostruct function in PHP...

6.8AI score0.05186EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•32 views

Microsoft DirectShow Remote Code Execution (MS13-056; CVE-2013-3174)

A remote code execution vulnerability has been reported in the Microsoft DirectShow. The vulnerability is due to faulty GIF image files parsing. A remote attacker could trigger this flaw by convincing a victim to open a specially crafted GIF file. A successfull exploitation of this vulnerability...

9.3CVSS7AI score0.31979EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/08/20 12:0 a.m.•20 views

Web Servers Malicious URL Directory Traversal

There exists a directory traversal vulnerability On different web servers...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/19 12:0 a.m.•12 views

ISC BIND RDATA Handling Assertion Failure Denial of Service (CVE-2012-4244; CVE-2013-4854)

A denial of service vulnerability exists in ISC BIND. The vulnerability is due to an assertion failure that occurs when handling malformed RDATA. A remote attacker could exploit this vulnerability by sending a DNS query response with a specially crafted resource record to an affected server...

7.8CVSS7.1AI score0.36798EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/16 12:0 a.m.•37 views

Non Compliant SSL (CVE-2003-0719; CVE-2004-0826)

A vulnerability exists in SSL library. Remote attacker could construct a specially crafted SSL negotiation packet that could cause the library to crash...

7.5CVSS6.1AI score0.83412EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/08/14 12:0 a.m.•2 views

Joomla Unauthorized File Upload Remote Code Execution

A remote code execution vulnerability has been reported in Joomla. The vulnerability is due to improper validation of an uploaded file's extension. A remote attacker may exploit this issue by uploading a specially crafted php file. Successful exploitation would allow an attacker to execute...

8.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•15 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3188)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7.1AI score0.27637EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•8 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3194)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.19338EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•24 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3193)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.19338EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•15 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3184)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7.1AI score0.58427EPSS
Exploits8
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•2 views

Cisco OSPF LSA Manipulation Denial of Service (CVE-2013-0149)

A denial of service vulnerability has been reported in Multiple Cisco Products...

6.3AI score0.02476EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•11 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3191)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.19495EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•19 views

Microsoft .NET Framework Array Access Violation (MS13-052; CVE-2013-3131; CVE-2013-3134)

A remote code execution vulnerability exists in the way the .NET Framework handles multidimensional arrays of small structures. The vulnerability is caused when the .NET Framework improperly handles multidimensional arrays of small structures. An attacker who successfully exploited this...

9.3CVSS7.2AI score0.22008EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•15 views

Microsoft DirectAccess ICMP Denial of Service (MS13-064; CVE-2013-3182)

A denial of service vulnerability has been reported in Windows 2012 server...

6.2AI score0.95888EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•2 views

Microsoft Windows ICMPv6 Router Advertisement Denial of Service (MS13-065; CVE-2013-3183)

There exists a denial of service vulnerability in Windows TCP/IP stack...

6.2AI score0.80473EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•10 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3199)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.19338EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•10 views

Microsoft Active Directory Federation Services Information Disclosure (MS13-066; CVE-2013-3185)

An information disclosure vulnerability exists in Active Directory Federation Services AD FS that could allow the unintentional disclosure of account information...

5.7AI score0.41432EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•11 views

Canon Wireless Printer Denial Of Service (CVE-2013-4615)

A Denial Of Service vulnerability has been reported in a Canon Wireless Printer...

6.3AI score0.15641EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•16 views

Microsoft Windows RPC Elevation Of Privilege (MS13-062; CVE-2013-3175)

An elevation of privilege vulnerability exists in the way that Windows handles asynchronous RPC requests...

6.4AI score0.27538EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•14 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3189)

A remote code execution vulnerability has been reported in Internet Explorer...

7.4AI score0.20058EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•15 views

Microsoft Windows Uniscribe Font Parsing Engine Memory Corruption (MS13-060; CVE-2013-3181)

A remote code execution vulnerability exists in the Unicode Scripts Processor included in affected versions of Microsoft Windows...

7.2AI score0.20444EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/13 12:0 a.m.•9 views

Microsoft Internet Explorer Memory Corruption (MS13-059: CVE-2013-3187)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a user to open a...

9.3CVSS7.1AI score0.19338EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/08/12 12:0 a.m.•145 views

Web Servers Malicious HTTP Request Directory Traversal (CVE-2005-3299; CVE-2014-7174; CVE-2022-1476; CVE-2022-29806)

There exists a directory traversal vulnerability On different web servers. The vulnerability is due to an input validation error in a web server that does not properly sanitize the parameters in request body for the directory traversal patterns. Successful exploitation allows unauthenticated remo...

7.5CVSS7.5AI score0.66317EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2013/08/11 12:0 a.m.•6 views

Oracle Java sun.awt.image.ImagingLib.lookupByteBI Buffer Overflow (CVE-2013-2463)

A heap buffer overflow vulnerability exists in Oracle Java. The vulnerability is due to improper bounds checking during a call to sun.awt.image.ImagingLib.lookupByteBI method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted web page...

10CVSS7.2AI score0.10179EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/06 12:0 a.m.•0 views

SugarCRM unserialize() PHP Code Execution

A remote code execution vulnerability has been reported in SugarCRM servers 6.3.1 and below. The vulnerability is due to an error while parsing the user data to currentquerybypage parameter. Remote authenticated attacker can exploit this vulnerability by sending malicious command to the affected...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/08/06 12:0 a.m.•39 views

MoinMoin twikidraw Action Directory Traversal (CVE-2012-6081)

A directory traversal vulnerability has been reported in MoinMoin server application. The vulnerability is caused due to improper sanitization of query strings from the path. A remote attacker can exploit this vulnerability by sending crafted requests to the affected server. Successful exploitati...

6CVSS7.2AI score0.30566EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2013/08/04 12:0 a.m.•2 views

Oracle MySQL Server Geometry Query Denial Of Service (CVE-2013-1861)

A denial of service vulnerability has been reported in MySQL database server...

5.7AI score0.18675EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/08/04 12:0 a.m.•8 views

Apache Struts Open Redirect Arbitrary Website Redirection (CVE-2013-2248)

An open redirect vulnerability has been reported in Apache Struts...

7.8AI score0.94654EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/08/04 12:0 a.m.•1 views

Sysax Multi-Server SSHD Key Exchange Denial of Service

A denial of service vulnerability has been reported in Sysax Multi-Server 6.10...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/30 12:0 a.m.•13 views

HP Data Protector CRS Opcode 234 Stack Buffer Overflow (CVE-2013-2326)

A buffer overflow has been reported in HP Data Protector. The vulnerability exists in the Cell Request Service crs.exe, which listens on a randomly chosen port. The application fails to sanitize input with opcode 234, which can result in a stack buffer overflow. A remote, unauthenticated attacker...

10CVSS7.7AI score0.61043EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/30 12:0 a.m.•10 views

Sysax Multi-Server Create Folder Buffer Overflow (CVE-2012-6530)

A buffer overflow vulnerability had been reported in Sysax Multi Server 5.64 Create Folder. The vulnerability is due to insufficient boundary check when creating a new folder. A remote attacker can exploit this weakness by entering a very long folder name. Successful exploitation could result in...

7.1CVSS7.5AI score0.46074EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/07/28 12:0 a.m.•1 views

Apple Safari webarchive File Format UXSS

A UXSS stack vulnerability has been reported in the Apple Safari webarchive File Format...

6.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/28 12:0 a.m.•8 views

Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)

A heap overflow vulnerability has been reported in Samba daemon. The vulnerability is due to an error on the PIDL auto-generated code in the LSA RPC service of the Samba daemon. Remote attackers could exploit this vulnerability by making a specially crafted call to SetInformationPolicy to set a...

10CVSS9.9AI score0.74034EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/07/25 12:0 a.m.•9 views

Apache Struts Remote Command Execution (CVE-2013-2251)

A Remote command execution vulnerability has been reported in Apache Struts. The vulnerability is due to a design flaw which allows attackers to manipulate parameters prefixed with action: redirect: redirectAction:...

9.3CVSS8AI score0.99998EPSS
Exploits18
Check Point Advisories
Check Point Advisories
•added 2013/07/25 12:0 a.m.•7 views

ClamAV UPX File PE parsing Memory Access Error (CVE-2013-2020)

A memory access error vulnerability exists in ClamAV antivirus software. The vulnerability is due to an errors in "pe.c" while parsing UPX-packed executable files. Remote attackers could exploit the vulnerability to cause a denial of service condition. Successful exploitation would lead to...

5CVSS8.6AI score0.03547EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/23 12:0 a.m.•21 views

Trimble Navigation SketchUp PICT File Buffer Overflow - Improved Performance (CVE-2013-3664)

A remote code execution vulnerability has been reported in Trimble SketchUp. The vulnerability is due to a stack buffer overflow while processing PICT files which contain a malicious number of ARGB entries. A remote attacker can exploit this vulnerability by enticing a target user to open a...

9.3CVSS7.5AI score0.29778EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•1 views

HP System Management Homepage iprange Parameter Code Execution

A code execution vulnerability exists in HP System Management Homepage SMH...

7.6AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•2 views

Dell SonicWALL GMS Arbitrary File Upload

An arbitrary file upload vulnerability has been reported in SonicWALL GMS 6...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•15 views

Oracle MySQL Server InnoDB Memcached Plugin Resource Exhaustion - High Confidence (CVE-2013-1570)

A memory exhaustion vulnerability has been reported in the InnoDB memcached plugin component of Oracle MySQL Server. This vulnerability is due to incorrect freeing of allocated memory when processing certain type of requests. A remote unauthenticated attacker can exploit this vulnerability by...

5CVSS5.4AI score0.02661EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•2 views

Kordil EDMS Unauthenticated File Upload

An arbitrary file upload vulnerability has been reported in Kordil EDMS. The vulnerability is due improper script verification...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•18 views

FreeBSD NFS Server READDIR Request Memory Corruption (CVE-2013-3266)

A memory corruption vulnerability has been reported in nfsrvdreaddir function in FreeBSD NFS server. The vulnerability is due to insufficient sanitation of READDIR requests and can result in the underlying filesystem to interpret a file as a directory. A remote attacker can exploit this...

7.5CVSS7.3AI score0.0351EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•2 views

PhpTax pfilez Remote Code Execution

A remote code execution vulnerability exits in PHPTax application...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•2 views

Lianja SQL db_netserver Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in Lianja SQL Server...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•50 views

IBM Tivoli Endpoint Manager POST Query Buffer Overflow (CVE-2011-1220)

A stack based buffer overflow in IBM Tivoli Endpoint...

6.8AI score0.62663EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•6 views

IBM Notes PNG Image Parsing Integer Overflow (CVE-2013-2977)

A code execution vulnerability has been reported in IBM Notes formerly Lotus Notes. The vulnerability is due to an integer overflow while parsing PNG images. A remote unauthenticated attacker can exploit this vulnerability by enticing the target user to view a malicious email. Successful...

6.8CVSS7.9AI score0.04687EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•43 views

Microsoft RPC Services Path Canonicalization Remote Code Execution (CVE-2008-4250)

A remote code execution vulnerability has been reported in applications based on the SMB protocol...

9.5AI score0.98751EPSS
Exploits12
Check Point Advisories
Check Point Advisories
•added 2013/07/21 12:0 a.m.•29 views

Ektron XSLT Transform Remote Code Execution (CVE-2012-5357)

A remote code execution vulnerability has been reported in Ektron CMS in XslCompiledTransform class...

9.5AI score0.67776EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/07/15 12:0 a.m.•3 views

SAP NetWeaver SOAP Request SXPG_COMMAND_EXECUTE Command Execution

A remote command execution vulnerability has been reported in SAP NetWeaver's SOAP interface. The vulnerability is due to insufficient validation of incoming SOAP requests. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted SOAP request to the affected...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/07/14 12:0 a.m.•4 views

Oracle Java sun.awt.image.ImagingLib.lookupByteBI Memory Corruption (CVE-2013-2470)

A memory corruption vulnerability has been reported in Oracle Java. The vulnerability is due to access of uninitialized memory during a call to sun.awt.image.ImagingLib.lookupByteBI method. A remote attacker can exploit this vulnerability by enticing the target user to visit a specially crafted w...

10CVSS7.1AI score0.22988EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/07/14 12:0 a.m.•11 views

HP Data Protector CRS Opcode 259 Stack Buffer Overflow (CVE-2013-2329)

A stack buffer overflow has been reported in HP Data Protector. The vulnerability is in the CRS.exe service, which listens on a randomly chosen port. The application fails to sanitize input with opcode 259, which can result in a stack buffer overflow. A remote, unauthenticated attacker can exploi...

10CVSS7.6AI score0.61043EPSS
Exploits4
Total number of security vulnerabilities13538