2013 Advisories Archive

| Severity | Date | Check Point Reference | Industry Reference | Description |
|---|---|---|---|---|
| | | CPAI-2013-1624 | CVE-2011-4063 | Digium Asterisk SIP Channel Driver Denial Of Service - High Confidence (CVE-2011-4063) |
| | | CPAI-2013-1633 | CVE-2008-1434 | Microsoft Word CSS Processing Code Execution - Improved Performance (MS08-026; CVE-2008-1434) |
| | | CPAI-2013-1313 | CVE-2013-0006 | Microsoft XML Core Services Integer Truncation Memory Corruption (MS13-002; CVE-2013-0006) |
| | | CPAI-2013-1625 | CVE-2012-3526 | Apache HTTP Server mod_rpaf x-forwarded-for Denial of Service - Improved Confidence (CVE-2012-3526) |
| | | CPAI-2013-1623 | CVE-2012-5470 | VideoLAN VLC Media Player PNG Code Execution - Improved Performance (CVE-2012-5470) |
| | | CPAI-2013-1606 | | DNS ANY Request |
| | | CPAI-2013-1605 | CVE-2013-0646 | Adobe Flash Player ActionScript Heap Overflow (APSB13-09; CVE-2013-0646) |
| | | CPAI-2013-1602 | CVE-2010-0476 | Microsoft SMB Response Parsing Memory Corruption (MS10-020; CVE-2010-0476) - High Confidence |
| | | CPAI-2013-1598 | CVE-2013-1288 | Internet Explorer CTreeNode Use After Free Remote Code Execution (MS13-021; CVE-2013-1288) |
| | | CPAI-2013-1597 | CVE-2013-0086 | Microsoft Office OneNote Parsing Memory Information Disclosure (MS13-025; CVE-2013-0086) |
| | | CPAI-2013-1596 | CVE-2013-0084 | Microsoft SharePoint Directory Traversal (MS13-024; CVE-2013-0084) |
| | | CPAI-2013-1595 | CVE-2013-0092 | Internet Explorer GetMarkupPtr Use After Free Code Execution (MS13-021; CVE-2013-0092) |
| | | CPAI-2013-1594 | CVE-2013-0079 | Microsoft Visio Viewer Tree Object Type Confusion Code Execution (MS13-023; CVE-2013-0079) |
| | | CPAI-2013-1593 | CVE-2013-0090 | Internet Explorer CCaret Use After Free Code Execution (MS13-021; CVE-2013-0090) |
| | | CPAI-2013-1337 | CVE-2013-0094 | Internet Explorer removeChild Use After Free Code Execution (MS13-021; CVE-2013-0094) |
| | | CPAI-2013-1332 | CVE-2013-0091 | Internet Explorer CElement Use After Free Code Execution (MS13-021; CVE-2013-0091) |
| | | CPAI-2013-1331 | CVE-2013-0088 | Internet Explorer saveHistory Use After Free Code Execution (MS13-021; CVE-2013-0088) |
| | | CPAI-2013-1329 | CVE-2013-0083 | Microsoft SharePoint Web Analytics Cross-Site Scripting (MS13-024; CVE-2013-0083) |
| | | CPAI-2013-1328 | CVE-2013-0089 | Internet Explorer CMarkupBehaviorContext use after free (MS13-021; CVE-2013-0089) |
| | | CPAI-2013-1324 | CVE-2013-1281 | Microsoft Windows NFS Server NULL Pointer Dereference (MS13-014; CVE-2013-1281) |
| | | CPAI-2013-1345 | CVE-2013-1493 | Oracle Java Runtime CMM Code Execution (CVE-2013-1493) |
| | | CPAI-2013-1343 | CVE-2005-0817 | Symantec Gateway Products DNS Cache Poisoning - High Confidence (CVE-2005-0817) |
| | | CPAI-2013-1342 | CVE-2013-0093 | Internet Explorer CCommand Use After Free (MS13-021; CVE-2013-0093) |
| | | CPAI-2013-1341 | CVE-2013-0087 | Internet Explorer OnResize Use After Free Remote Code Execution (MS13-021; CVE-2013-0087) |
| | | CPAI-2013-1339 | CVE-2013-0080 | Microsoft SharePoint Callback Function Elevation of Privilege (MS13-024; CVE-2013-0080) |
| | | CPAI-2013-1338 | CVE-2012-0013 | Microsoft Windows Assembly Execution Vulnerability (MS12-005; CVE-2012-0013) - High Confidence |
| | | CPAI-2013-1336 | CVE-2013-1593 | SAP NetWeaver AdIExecBlkConv Message Server Buffer Overflow (CVE-2013-1593) |
| | | CPAI-2013-1322 | CVE-2013-0002 | Microsoft .NET Framework WinForms Buffer Overflow (CVE-2013-0002) |
| | | CPAI-2013-1321 | CVE-2013-0003 | Microsoft .NET Framework S.DS.P Namespace Method Buffer Overflow (CVE-2013-0003) |
| | | CPAI-2013-1320 | CVE-2013-0001 | Microsoft .NET Framework WinForms Information Disclosure (CVE-2013-0001) |
| | | CPAI-2013-413 | CVE-2012-4347 | Symantec Messaging Gateway Directory Traversal (CVE-2012-4347) |
| | | CPAI-2013-1314 | CVE-2012-0677 | Apple iTunes m3u Playlist Multiple Buffer Overflows - High Confidence (CVE-2012-0677) |
| | | CPAI-2013-1311 | CVE-2012-5958 | Portable SDK for UPnP Devices libupnp Device Service Name Stack Buffer Overflow (CVE-2012-5958) |
| | | CPAI-2013-1307 | CVE-2012-4820 | IBM Java com.ibm.rmi.util.ProxyUtil Sandbox Breach (CVE-2012-4820) |
| | | CPAI-2013-1296 | CVE-2013-0638 | Adobe Flash Player malformed FLV file Flash memory corruption vulnerability (APSB13-05; CVE-2013-0638) |
| | | CPAI-2013-1295 | CVE-2013-0637 | Adobe Flash Player malformed SWF file information disclosure (APSB13-05; CVE-2013-0637) |
| | | CPAI-2013-093 | | Adobe InDesign Server SOAP Request Lack of Authentication |
| | | CPAI-2013-086 | CVE-2013-0393 | Oracle Outside In Paradox Database Stream Filter Denial of Service (CVE-2013-0393) |
| | | CPAI-2013-084 | CVE-2013-0625 | Adobe ColdFusion scheduleedit.cfm Authentication Bypass (CVE-2013-0625) |
| | | CPAI-2013-074 | CVE-2012-6392 | Cisco Prime LAN Management Solution Remote Command Execution (CVE-2012-6392) |
| | | CPAI-2013-026 | CVE-2011-3492 | SCADA DaqFactory HMI NETB Request Overflow (CVE-2011-3492) |
| | | CPAI-2013-012 | CVE-2012-5691 | RealNetworks RealPlayer URL Parsing Stack Buffer Overflow (CVE-2012-5691) |
| | | CPAI-2013-010 | | Nagios history.cgi Parameter Buffer Overflow |
| | | CPAI-2013-1327 | CVE-2013-0648 | Adobe Flashplayer Malicious SWF Use After Free Code Execution (CVE-2013-0648) |
| | | CPAI-2013-1323 | CVE-2013-1592 | SAP NetWeaver Message Server Memory Corruption (CVE-2013-1592) |
| | | CPAI-2013-1316 | CVE-2013-0418 | Oracle Outside In CorelDRAW File Parser Heap Buffer Overflow (CVE-2013-0418) |
| | | CPAI-2012-1282 | | Novell NetIQ Privileged User Manager modifyAccounts Policy Bypass |
| | | CPAI-2013-1308 | CVE-2012-0006 | Microsoft DNS Server Denial of Service - Specific (MS12-017; CVE-2012-0006) |
| | | CPAI-2012-380 | CVE-2012-1723 | Oracle Java Runtime Bytecode Verifier Cache Code Execution (CVE-2012-1723) |
| | | CPAI-2013-998 | | Non Compliant Scada Modbus Write Multiple Regs Response |
| | | CPAI-2013-997 | | Non Compliant Scada Modbus Write Multiple Coils Response |
| | | CPAI-2013-996 | | Non Compliant Scada Modbus Write Multiple Regs Query |
| | | CPAI-2013-995 | | Non Compliant Scada Modbus Write Multiple Coils Query |
| | | CPAI-2013-994 | | Non Compliant Scada Modbus Write Coils And Rst Comm |
| | | CPAI-2013-992 | | Scada Modbus Write Request To PLC |
| | | CPAI-2013-991 | | Scada Modbus Slave Device Busy Exception Code Delay |
| | | CPAI-2013-990 | | Scada Modbus Report Slave ID |
| | | CPAI-2013-989 | | Scada Read Modbus Request To PLC |
| | | CPAI-2013-984 | | Non Compliant Scada Modbus Return Diag Regs |
| | | CPAI-2013-983 | | Non Compliant Scada Modbus Read Write Reg Response |
| | | CPAI-2013-982 | | Non Compliant Scada Modbus Read Write Reg Query |
| | | CPAI-2013-981 | | Non Compliant Scada Modbus Read Regs Query |
| | | CPAI-2013-980 | | Non Compliant Scada Modbus Read File Record Response |
| | | CPAI-2013-979 | | Non Compliant Scada Modbus Read File Record Query |
| | | CPAI-2013-978 | | Non Compliant Scada Modbus Read Device ID Response |
| | | CPAI-2013-977 | | Non Compliant Scada Modbus Read Device ID Query |
| | | CPAI-2013-976 | | Scada Modbus Modbus Read Device Identification |
| | | CPAI-2013-975 | | Non Compliant Scada Modbus Read Coils Inputs Query |
| | | CPAI-2013-974 | | Non Compliant Scada Modbus Read Coils And Regs Response |
| | | CPAI-2013-973 | | Scada Modbus Points List Scan |
| | | CPAI-2013-972 | | Non Compliant Scada Modbus Write File Record |
| | | CPAI-2013-971 | | Scada Modbus Incorrect Packet Length |
| | | CPAI-2013-970 | | Non Compliant Scada Modbus Function Code Size |
| | | CPAI-2013-421 | | Non Compliant Scada Modbus Function Code Data (Non Compliant Scada Modbus Function Code Data) |
| | | CPAI-2013-420 | | Scada Modbus Force Listen Only Mode |
| | | CPAI-2013-419 | | Non Compliant Scada Modbus Comm Event Log Response |
| | | CPAI-2013-418 | | Scada Modbus Acknowledge Exception Code Delay |
| | | CPAI-2013-417 | | Scada Modbus Clear Counters And Diagnostic Registers |
| | | CPAI-2013-1298 | | Scada Modbus Function Code Scan |
| | | CPAI-2013-1297 | CVE-2013-0640 | Adobe Reader PDF File DLL Injection Remote Code Execution (APSA13-02; CVE-2013-0640) |
| | | CPAI-2013-1269 | CVE-2012-1667 | ISC BIND Zero Length RDATA Denial of Service - High Confidence (CVE-2012-1667) |
| | | CPAI-2013-1268 | CVE-2007-6401 | 3ivx MPEG-4 MP4 File Handling Stack Overflow - Specific (CVE-2007-6401) |
| | | CPAI-2013-1012 | | Non-MODBUS Traffic Over Port 502 |
| | | CPAI-2013-032 | | Scada Modbus Restart Communications Option |
| | | CPAI-2013-382 | CVE-2013-1313 | Microsoft Windows Common Controls OLE Remote Code Execution (MS13-020; CVE-2013-1313) |
| | | CPAI-2013-381 | CVE-2013-0026 | Internet Explorer InsertElement Use After Free (MS13-009; CVE-2013-0026) |
| | | CPAI-2013-380 | CVE-2013-0015 | Internet Explorer Shift JIS Character Encoding (MS13-009; CVE-2013-0015) |
| | | CPAI-2013-1267 | CVE-2013-0019 | Internet Explorer COmWindowProxy Use After Free (MS13-009; CVE-2013-0019) |
| | | CPAI-2013-1266 | CVE-2013-0022 | Internet Explorer LsGetTrailInfo Use After Free (MS13-009; CVE-2013-0022) |
| | | CPAI-2013-1265 | CVE-2013-0077 | Microsoft Windows Media Decompression Remote Code Execution (MS13-011; CVE-2013-0077) |
| | | CPAI-2013-1079 | CVE-2013-0021 | Internet Explorer vtable Use After Free Memory Corruption (MS13-009; CVE-2013-0021) |
| | | CPAI-2013-1052 | CVE-2013-0023 | Internet Explorer CDispNode Use After Free (MS13-009; CVE-2013-0023) |
| | | CPAI-2013-085 | | Eurograbber |
| | | CPAI-2013-082 | CVE-2013-0030 | Internet Explorer VML Objects Memory Corruption (MS13-010; CVE-2013-0030) |
| | | CPAI-2013-081 | CVE-2013-0024 | Internet Explorer pasteHTML Use After Free (MS13-009; CVE-2013-0024) |
| | | CPAI-2013-080 | CVE-2013-0020 | Internet Explorer CMarkup Use After Free (MS13-009; CVE-2013-0020) |
| | | CPAI-2013-079 | CVE-2013-0018 | Internet Explorer SetCapture Use After Free (MS13-009; CVE-2013-0018) |
| | | CPAI-2013-078 | CVE-2013-0029 | Internet Explorer CHTML Use After Free (MS13-009; CVE-2013-0029) |
| | | CPAI-2013-077 | CVE-2013-0028 | Internet Explorer CObjectElement Use After Free (MS13-009; CVE-2013-0028) |
| | | CPAI-2013-076 | CVE-2013-0027 | Internet Explorer CPasteCommand Use After Free (MS13-009; CVE-2013-0027) |
| | | CPAI-2013-075 | CVE-2013-0025 | Internet Explorer SLayoutRun Use After Free (MS13-009; CVE-2013-0025) |
| | | CPAI-2013-073 | CVE-2011-0038 | Microsoft Internet Explorer 8 IESHIMS.DLL Insecure Library Loading (MS11-003; CVE-2011-0038) |
| | | CPAI-2012-1330 | CVE-2005-0337 | Postfix IPv6 Relaying Security Issue (CVE-2005-0337) |
| | | CPAI-2013-092 | CVE-2013-0634 | Adobe Flash Player ActionScript Code Heap Buffer Overflow (APSB13-04; CVE-2013-0634) |
| | | CPAI-2013-091 | | Adobe Flash Player SWF File Buffer Overflow (APSB13-04; CVE-2013-0633) |
| | | CPAI-2012-1335 | CVE-2012-4939 | SolarWinds Orion IPAM Reflected Cross-site Scripting (CVE-2012-4939) |
| | | CPAI-2013-033 | CVE-2011-3414 | Microsoft ASP.NET and PHP Hash Collision Denial of Service - Specific (CVE-2011-3414) |
| | | CPAI-2013-028 | CVE-2013-0626 | Adobe Reader Stack Exhaustion Code Execution (APSB13-02; CVE-2013-0626) |
| | | CPAI-2013-025 | CVE-2012-1530 | Adobe Reader Crafted XSL Remote Code Execution (APSB13-02; CVE-2012-1530) |
| | | CPAI-2013-024 | CVE-2013-0622 | Adobe Reader Malformed JavaScript Security Bypass (APSB13-02; CVE-2013-0622) |
| | | CPAI-2013-023 | CVE-2013-0156 | Ruby on Rails XML Processor YAML Deserialization Code Execution (CVE-2013-0156) |
| | | CPAI-2013-022 | CVE-2013-0624 | Adobe Acrobat Reader Hybrid File Cross-Site Scripting (APSB13-02; CVE-2013-0624) |
| | | CPAI-2013-021 | CVE-2013-0604 | Adobe Acrobat Reader Open Type Integer Overflow (APSB13-02; CVE-2013-0604) |
| | | CPAI-2013-020 | CVE-2013-0621 | Adobe Reader Crafted JP2K Heap Overflow (APSB13-02; CVE-2013-0621) |
| | | CPAI-2013-019 | CVE-2013-0623 | Adobe Acrobat Reader True Type Font Parsing Remote Code Execution (APSB13-02; CVE-2013-0623) |
| | | CPAI-2013-017 | CVE-2013-0603 | Adobe Reader Crafted JPEG Heap Overflow (APSB13-02; CVE-2013-0603) |
| | | CPAI-2013-005 | CVE-2011-2750 | NFRAgent.exe in Novell File Reporter file delete (CVE-2011-2750) |
| | | CPAI-2013-016 | CVE-2012-1537 | Microsoft DirectPlay Office File Handling Invalid Memory Free (MS12-082; CVE-2012-1537) |
| | | CPAI-2013-014 | CVE-2009-0075 | Microsoft Internet Explorer Cloned Object Memory Corruption (MS09-002; CVE-2009-0075) |
| | | CPAI-2013-011 | CVE-2012-4534 | Apache Tomcat NIO Connector Denial of Service (CVE-2012-4534) |
| | | CPAI-2013-007 | CVE-2013-0422 | Oracle Java JmxMBeanServer Package Sandbox Breach (CVE-2013-0422) |
| | | CPAI-2012-841 | | Foxit Reader Insecure Library Loading |
| | | CPAI-2012-840 | CVE-2012-2982 | Webmin show.cgi Command Execution (CVE-2012-2982) |
| | | CPAI-2012-796 | CVE-2012-5470 | VideoLAN VLC Media Player PNG Code Execution (CVE-2012-5470) |
| | | CPAI-2012-646 | CVE-2012-3939 | Cisco WebEx Recording Format Player atas32.dll Memory Corruption (CVE-2012-3939) |
| | | CPAI-2012-1334 | | Novell Sentinel Log Manager Retention Policy Security Restriction Bypass |
| | | CPAI-2012-1324 | CVE-2012-5576 | GIMP XWD File Handling Stack Buffer Overflow (CVE-2012-5576) |
| | | CPAI-2012-1319 | CVE-2012-2962 | Dell SonicWALL Scrutinizer SQL Injection (CVE-2012-2962) |
| | | CPAI-2012-1315 | CVE-2012-0308 | Symantec Messaging Gateway Save.do Cross Site Request Forgery (CVE-2012-0308) |
| | | CPAI-2012-1313 | CVE-2012-3754 | Apple QuickTime ActiveX Control Clear Method Use-After-Free (CVE-2012-3754) |
| | | CPAI-2012-1307 | | Sophos Anti-Virus RAR VMSF_RGB Filter Parsing Integer Underflow |
| | | CPAI-2012-1298 | CVE-2012-4959 | Novell File Reporter FSFUI File Upload (CVE-2012-4959) |
| | | CPAI-2012-1289 | CVE-2012-4957 | Novell File Reporter SRS Arbitrary File Retrieval (CVE-2012-4957) |
| | | CPAI-2012-1286 | CVE-2012-4958 | Novell File Reporter FSFUI Arbitrary File Retrieval (CVE-2012-4958) |
| | | CPAI-2012-1348 | | Wibu-Systems WibuKey Runtime for Windows ActiveX Control Buffer Overflow |
| | | CPAI-2012-1323 | | Lattice Semiconductor ispVM System XCF File Handling Overflow |
| | | CPAI-2013-004 | CVE-2013-0013 | Microsoft SSL and TLS Protocol Security Feature Bypass (MS13-006; CVE-2013-0013) |
| | | CPAI-2012-1347 | CVE-2013-0010 | Microsoft SCOM Web Console Cross-Site Scripting (MS13-003; CVE-2013-0010) |
| | | CPAI-2012-1346 | CVE-2013-0007 | Microsoft Windows MSXML XSLT Remote Code Execution (MS13-002; CVE-2013-0007) |
| | | CPAI-2012-1342 | CVE-2007-5530 | Oracle Database Control Component Denial of Service (CVE-2007-5530) |
| | | CPAI-2012-1341 | CVE-2008-1979 | CA BrightStor ARCserve Backup Discovery Service Buffer Over-Read (CVE-2008-1979) |
| | | CPAI-2012-1340 | CVE-2013-0009 | Microsoft System Center Operations Manager Cross-Site Scripting (MS13-003; CVE-2013-0009) |
| | | CPAI-2012-1338 | CVE-2013-0005 | Microsoft OData WCF Replace Denial of Service (MS13-007; CVE-2013-0005) |
| | | CPAI-2012-1322 | CVE-2012-5268 | Adobe Flash Player Malformed Actions Remote Code Execution (APSB12-22; CVE-2012-5268) |
| | | CPAI-2012-1316 | | Eaton MGE Network Shutdown Module Remote PHP Code Injection |
| | | CPAI-2012-1312 | CVE-2012-2983 | Webmin edit_html.cgi file Parameter Traversal Arbitrary File Access (CVE-2012-2983) |
| | | CPAI-2012-1308 | | NetDecision NOCVision Server Directory Traversal |
| | | CPAI-2013-817 | | IBM Lotus Notes Lotus 1-2-3 Work Sheet File Viewer Code Execution |
| | | CPAI-2013-816 | CVE-2006-0002 | Microsoft Exchange and Outlook TNEF Decoding Code Execution (CVE-2006-0002) |
| | | CPAI-2013-815 | CVE-2008-4564 | IBM Lotus Notes WPD Attachment Handling Code Execution (CVE-2008-4564) |
| | | CPAI-2013-773 | CVE-2006-4018 | ClamAV UPX File Handling Heap Code Execution (CVE-2006-4018) |
| | | CPAI-2013-415 | CVE-2005-0611 | RealNetworks RealPlayer WAV File Processing Code Execution (CVE-2005-0611) |
| | | CPAI-2012-1140 | CVE-2008-3263 | Digium Asterisk IAX2 POKE Request Denial of Service (CVE-2008-3263) |
| | | CPAI-2013-414 | | WebPageTest Directory Traversal |
| | | CPAI-2013-002 | CVE-2006-0900 | FreeBSD nfsd NFS Mount Request Data Length Denial of Service (CVE-2006-0900) |
| | | CPAI-2012-1337 | CVE-2012-3756 | Apple QuickTime rnet Box Parsing Heap Buffer Overflow (CVE-2012-3756) |
| | | CPAI-2012-1283 | | Sophos Anti-Virus CAB Files Invalid typeCompress Parsing Heap Buffer Overflow |
| | | CPAI-2013-003 | CVE-2012-2626 | Plixer Scrutinizer NetFlow and sFlow Analyzer HTTP Authentication Bypass (CVE-2012-2626) |
| | | CPAI-2013-001 | CVE-2008-1855 | McAfee ePolicy Orchestrator Framework Services HTTP Code Injection (CVE-2008-1855) |
| | | CPAI-2012-1344 | CVE-2005-4216 | Macromedia Flash Media Server Malformed Data Denial of Service (CVE-2005-4216) |
| | | CPAI-2012-1343 | CVE-2007-2137 | IBM Tivoli Monitoring Express Universal Agent Code Execution (CVE-2007-2137) |
| | | CPAI-2012-1293 | CVE-2012-3811 | Avaya IP Office CCR ImageUpload.ashx Unrestricted File Upload (CVE-2012-3811) |
| | | CPAI-2012-1305 | CVE-2012-1744 | Oracle Outside In FlashPix Image Processing Code Execution (CVE-2012-1744) |
| | | CPAI-2012-1303 | CVE-2011-4516 | Oracle Outside In JPEG 2000 Parameter Heap Buffer Overflow (CVE-2011-4516) |
| | | CPAI-2012-1284 | CVE-2012-2288 | EMC NetWorker nsrd Stack Buffer Overflow (CVE-2012-2288) |
| | | CPAI-2013-026 | CVE-2011-5007 | Smart Software Solutions CoDeSys ControlService Stack Buffer Overflow (CVE-2011-5007) |