Lucene search
K
Checkpoint AdvisoriesRecent

13538 matches found

Check Point Advisories
Check Point Advisories
•added 2013/02/05 12:0 a.m.•33 views

EMC AlphaStor Device Manager Command Injection - Improved performance (CVE-2013-0928)

A remote command execution vulnerability has been reported in EMC AlphaStor Device Manager. The vulnerability is due to improper input validation. A remote attacker can exploit this issue by sending a malicious request containing a specially crafted parameter to the target server. Successful...

9.3CVSS6.8AI score0.34468EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2013/01/29 12:0 a.m.•24 views

Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003) - ver 2 (CVE-2011-0038)

A code execution vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer handles the loading of IESHIMS.DLL. A remote attacker can exploit this vulnerability by enticing a target user to save a maliciously crafted dynamic link library DLL file on...

9.3CVSS6.9AI score0.11153EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/29 12:0 a.m.•32 views

Cisco Prime LAN Management Solution Remote Command Execution (CVE-2012-6392)

A remote command execution vulnerability exists in Cisco Prime LAN Management Solution. The vulnerability is due to use of non encrypted connection with the server. A successful exploitation would allow the attacker to execute commands, and send files...

10CVSS6.8AI score0.04635EPSS
Exploits4
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•6 views

Adobe Reader Crafted JP2K Heap Overflow (APSB13-02; CVE-2013-0621)

Adobe Reader is vulnerable to a heap overflow when parsing a specially crafted JP2K object...

6.6AI score0.0784EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•5 views

Adobe Reader Crafted XSL Remote Code Execution (APSB13-02; CVE-2012-1530)

Adobe Reader is vulnerable to arbitrary code execution when a certain function is called from a specially crafted XSL file embedded within a PDF file...

7.2AI score0.08571EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•24 views

Digium Asterisk HTTP Management Interface Stack Overflow (CVE-2012-5976; CVE-2013-2686)

A stack overflow vulnerability has been reported in Digium Asterisk. The vulnerability is due to an unchecked memory allocation on the stack, which can result in a stack overflow or writing of attacker-controlled data to arbitrary memory locations. A remote attacker can use this vulnerability by...

5CVSS6.7AI score0.03032EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•10 views

Adobe Reader Stack Exhaustion Code Execution (APSB13-02; CVE-2013-0626)

A stack buffer overflow exists in Adobe Reader. The vulnerability is due to an error when parsing a specially crafted PDF file. Successful exploitation would cause the application to crash, resulting in a denial of service condition...

10CVSS6.5AI score0.0784EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•6 views

Adobe Acrobat Reader Open Type Integer Overflow (APSB13-02; CVE-2013-0604)

Adobe Reader is vulnerable to an integer overflow when parsing specially crafted Open Type font files...

6.6AI score0.09552EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•13 views

Adobe Acrobat Reader Hybrid File Cross-Site Scripting (APSB13-02; CVE-2013-0624)

A remote security bypass vulnerability allows attackers to bypass intended access restrictions via unspecified vectors...

6.4AI score0.04627EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•8 views

Adobe Reader Malformed JavaScript Security Bypass (APSB13-02; CVE-2013-0622)

A remote security bypass vulnerability allows attackers to bypass intended access restrictions via unspecified vectors...

5.4AI score0.05682EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/20 12:0 a.m.•8 views

Ruby on Rails XML Processor YAML Deserialization Code Execution (CVE-2013-0156)

A remote code execution vulnerability exists in Ruby on Rails...

9.7AI score0.99449EPSS
Exploits21
Check Point Advisories
Check Point Advisories
•added 2013/01/17 12:0 a.m.•7 views

Adobe Acrobat Reader True Type Font Parsing Remote Code Execution (APSB13-02; CVE-2013-0623)

Adobe Acrobat Reader is vulnerable to a parsing logic error in True Type Font handling. The vulnerability is due to an out of bound memory read and write access. Successful exploitation could cause the application to crash and possibly lead to code execution...

10CVSS6.5AI score0.05262EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/15 12:0 a.m.•34 views

NFR Agent Heap Overflow (CVE-2012-4956)

...

10CVSS6.4AI score0.3772EPSS
Exploits22
Check Point Advisories
Check Point Advisories
•added 2013/01/15 12:0 a.m.•5 views

Novell File Reporter Agent Arbitrary File Delete (CVE-2011-2750)

A policy bypass vulnerability exists in Novell File Reporter. The vulnerability allow a remote attacker to delete arbitrary files using OPERATION 4 commands, respectively.A remote unauthenticated attacker can leverage the vulnerability to delete arbitrary files, including system files, from the...

5CVSS6.6AI score0.16676EPSS
Exploits5
Check Point Advisories
Check Point Advisories
•added 2013/01/14 12:0 a.m.•27 views

Microsoft Internet Explorer Cloned Object Memory Corruption (MS09-002; CVE-2009-0075)

A vulnerability exists in the way Internet Explorer 7 accesses an object that has been deleted, which can cause memory corruption. In an attack case where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in suc...

6.9AI score0.85277EPSS
Exploits9
Check Point Advisories
Check Point Advisories
•added 2013/01/14 12:0 a.m.•4 views

Nagios history.cgi Parameter Buffer Overflow

A stack buffer overflow vulnerability exists in Nagios. The vulnerability is due to insufficient validation of the host parameter. An authenticated user can exploit this vulnerability by sending an overly long host value to the affected application...

7.2AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/14 12:0 a.m.•6 views

Apache Tomcat NIO Connector Denial of Service (CVE-2012-4534)

A denial of service vulnerability has been reported in Apache Tomcat. The vulnerability is due to an infinite loop in NIO Connector when a client breaks the connection in the middle of reading the response for a request to a big file. An unauthenticated, remote attacker can exploit this...

2.6CVSS8.7AI score0.07452EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•38 views

Dell SonicWALL Scrutinizer SQL Injection (CVE-2012-2962)

An SQL injection vulnerability has been reported in Dell SonicWALL Scrutinizer...

7.7AI score0.66828EPSS
Exploits7
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•16 views

Apple QuickTime ActiveX Control Clear Method Use-After-Free (CVE-2012-3754)

A use-after-free vulnerability has been reported in Apple QuickTime's ActiveX control...

6.3AI score0.04365EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•4 views

GIMP XWD File Handling Stack Buffer Overflow (CVE-2012-5576)

A stack-based buffer overflow vulnerability exists in GNU Image Manipulation Program GIMP...

6.8AI score0.06813EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•3 views

Foxit Reader Insecure Library Loading

A code execution vulnerability has been reported in Foxit Reader. The vulnerability is due to an error in a dynamic link library DLL search path. A remote attacker could exploit this vulnerability by enticing a user to open a file from a directory, which also contains a malicious DLL. Successful...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•13 views

Oracle Java JmxMBeanServer Package Sandbox Breach (CVE-2013-0422)

Two vulnerabilities have been reported in Oracle Java that can be used to breach the security sandbox. The first vulnerability is due to an access control failure in the com.sun.jmx.mbeanserver package. The second vulnerability is due to an access control failure in the invokeWithArguments method...

10CVSS6.6AI score0.97612EPSS
Exploits38
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•12 views

VideoLAN VLC Media Player PNG Code Execution (CVE-2012-5470)

A buffer overread vulnerability has been reported in VideoLAN VLC Media Player...

6.5AI score0.05848EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•36 views

Webmin show.cgi Command Execution (CVE-2012-2982)

A command execution vulnerability has been reported in Webmin...

6.6AI score0.61925EPSS
Exploits10
Check Point Advisories
Check Point Advisories
•added 2013/01/13 12:0 a.m.•26 views

Novell File Reporter FSFUI Arbitrary File Retrieval (CVE-2012-4958)

A file retrieval vulnerability has been reported in Novell File Reporter. The vulnerability is due to lack of authorization on certain requests, resulting in the retrieval of the contents of a file. A remote attacker can exploit this issue by sending a specially crafted request to the affected...

7.8CVSS6.4AI score0.73514EPSS
Exploits21
Check Point Advisories
Check Point Advisories
•added 2013/01/09 12:0 a.m.•4 views

Wibu-Systems WibuKey Runtime for Windows ActiveX Control Buffer Overflow

A stack-based buffer overflow vulnerability has been reported in Wibu-Systems WibuKey Runtime for Windows...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•15 views

FreeBSD nfsd NFS Mount Request Data Length Denial of Service (CVE-2006-0900)

A denial of service vulnerability was detected in the NFS server. An error was detected in the part of the NFS server code that handles incoming RPC messages via TCP. When the server receives a message with a zero-length payload, it would cause a NULL pointer dereference, allowing a remote attack...

7.8CVSS6.3AI score0.64373EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•16 views

Oracle Database Control Component Denial of Service (CVE-2007-5530)

There exists a denial of service vulnerability in the Oracle Database Server...

6AI score0.02238EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•29 views

Microsoft SSL and TLS Protocol Security Feature Bypass (MS13-006; CVE-2013-0013)

A security feature bypass vulnerability has been reported in the Microsoft Windows SSL/TLS...

6.3AI score0.06351EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•4 views

Eaton MGE Network Shutdown Module Remote PHP Code Injection

A remote code execution vulnerability has been reported in Eaton MGE Network Shutdown Module...

8AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•31 views

Microsoft System Center Operations Manager Cross-Site Scripting (MS13-003; CVE-2013-0009)

A cross-site scripting vulnerability has been reported in Microsoft System Center Operations Manager...

5.7AI score0.1364EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•14 views

CA BrightStor ARCserve Backup Discovery Service Buffer Over-Read (CVE-2008-1979)

There exists a denial of service vulnerability in CA ARCserve Backup Discovery service. The vulnerability is due to insufficient input validation by the Discovery service. A remote unauthenticated attacker may exploit this vulnerability by sending a crafted message to the target server. Successfu...

5CVSS6.2AI score0.03634EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•25 views

Microsoft OData WCF Replace Denial of Service (MS13-007; CVE-2013-0005)

A denial of service vulnerability has been reported in the OData specification...

6.2AI score0.32096EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•3 views

Adobe Flash Player Malformed Actions Remote Code Execution (APSB12-22; CVE-2012-5268)

A remote code execution vulnerability has been reported in Adobe Flash Player...

7.4AI score0.04727EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•3 views

NetDecision NOCVision Server Directory Traversal

Multiple directory traversal vulnerabilities have been reported NetDecision NOCVision...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•19 views

Microsoft SCOM Web Console Cross-Site Scripting (MS13-003; CVE-2013-0010)

A cross-site scripting vulnerability has been reported in Microsoft System Center Operations Manager...

5.7AI score0.16618EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•37 views

Microsoft Windows MSXML XSLT Remote Code Execution (MS13-002; CVE-2013-0007)

A remote code execution vulnerability has been reported in Microsoft Windows...

7.3AI score0.31574EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/01/08 12:0 a.m.•24 views

Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access (CVE-2012-2983)

A directory traversal has been reported in Webmin...

6.4AI score0.20456EPSS
Exploits3
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•1 views

IBM Lotus Notes Lotus 1-2-3 Work Sheet File Viewer Code Execution

A buffer overflow vulnerability exists in IBM Lotus Notes...

7.3AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•33 views

Digium Asterisk IAX2 POKE Request Denial of Service (CVE-2008-3263)

A denial of service vulnerability has been reported in Digium Asterisk...

6.2AI score0.28EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•56 views

Cisco Linksys PlayerPT ActiveX Control Buffer overflow (CVE-2012-0284)

A remote code execution vulnerability has been reported in Cisco Linksys PlayerPT...

7.4AI score0.36317EPSS
Exploits6
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•3 views

RabidHamster Log Entry sprintf() Buffer Overflow

A heap buffer overflow vulnerability exists in RabidHamster R4 web server...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•33 views

Microsoft Exchange and Outlook TNEF Decoding Code Execution (CVE-2006-0002)

A buffer overflow vulnerability exists in the way Microsoft Exchange and Microsoft Outlook process TNEF encoded messages...

6.7AI score0.45584EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•22 views

ClamAV UPX File Handling Heap Code Execution (CVE-2006-4018)

A heap buffer overflow vulnerability exists in the ClamAV AntiVirus product...

6.8AI score0.19058EPSS
Exploits1
Check Point Advisories
Check Point Advisories
•added 2013/01/07 12:0 a.m.•24 views

IBM Lotus Notes WPD Attachment Handling Code Execution (CVE-2008-4564)

A stack-based buffer overflow vulnerability exists in the IBM Lotus Notes WPD...

6.7AI score0.06757EPSS
Exploits2
Check Point Advisories
Check Point Advisories
•added 2013/01/06 12:0 a.m.•6 views

Kerberos Multi-realm KDC NULL Pointer Dereference Denial of Service (CVE-2013-1418)

A denial of service vulnerability has been reported in Kerberos. The vulnerability is due to a NULL pointer dereference within the setupserverrealm function when Kerberos is configured to serve multiple realms. A remote attacker can exploit this vulnerability by sending a malicious request to a...

6.2AI score0.05508EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/06 12:0 a.m.•7 views

RealNetworks RealPlayer WAV File Processing Code Execution (CVE-2005-0611)

A flaw exists in the way RealPlayer processes files encoded using the WAVE format. The vulnerability occurs when RealPlayer attempts to parse a crafted WAV file with an incorrect LIST chunk. An attacker can exploit this vulnerability to inject and execute arbitrary code with the privileges of the...

5.1CVSS7AI score0.03831EPSS
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/06 12:0 a.m.•6 views

Contaware FreeVimager GIF LZWMinimumCodeSize Memory Corruption

A memory corruption vulnerability has been reported in Contaware FreeVimager. The vulnerability is due to an error in processing GIF images containing an invalid value for the LZWMinimumCodeSize field. A remote attacker could exploit this vulnerability by enticing a user to open a malicious image...

7AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/02 12:0 a.m.•1 views

Sophos Anti-Virus CAB Files Invalid typeCompress Parsing Heap Buffer Overflow

A buffer overflow vulnerability has been reported in Sophos Anti-Virus...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
•added 2013/01/01 12:0 a.m.•19 views

IBM Tivoli Monitoring Express Universal Agent Code Execution (CVE-2007-2137)

There exists a heap-based buffer overflow vulnerability in IBM Tivoli Monitoring Express...

6.7AI score0.07735EPSS
Exploits0
Total number of security vulnerabilities13538