Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Advisories

Check Point Update Service Advisories offer detailed descriptions and step-by-step instructions on how to activate and configure relevant defenses provided by Check Point products. Attack and Threat Protection Advisories are available to Check Point Update Service and NGX SmartDefense subscribers.

Severity Date Check Point
Reference
Industry
Reference
Description
CPAI-2014-1347   TLS and DTLS Heartbeat Extension
CPAI-2014-1346 CVE-2014-0160
CVE-2014-0346
OpenSSL TLS DTLS Overly-long Heartbeat Response Information Disclosure

Updated
CPAI-2014-1336 CVE-2014-0160
CVE-2014-0346
OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346)
CPAI-2014-1335   Illegal TCP Options

Updated
CPAI-2014-1319 CVE-2014-1755
Microsoft Internet Explorer Memory Corruption (MS14-018; CVE-2014-1755)

Updated
CPAI-2014-1318 CVE-2014-1753
Microsoft Internet Explorer Memory Corruption (MS14-018; CVE-2014-1753)

Updated
CPAI-2014-1314   Multiple PHP Servers R57shell Backdoor Command Execution

Updated
CPAI-2014-1306   Microsoft Internet Explorer 8

Updated
CPAI-2014-1305   Microsoft Internet Explorer 7

Updated
CPAI-2014-1186 CVE-2014-1452
FreeBSD bsnmpd GETBULK PDU Stack Buffer Overflow - ver 2 (CVE-2014-1452)

Updated
CPAI-2014-1185 CVE-2014-1751
Microsoft Internet Explorer Memory Corruption (MS14-018; CVE-2014-1751)

Updated
CPAI-2014-1184 CVE-2014-1752
Microsoft Internet Explorer Memory Corruption (MS14-018; CVE-2014-1752)

Updated
CPAI-2014-1183 CVE-2014-0301
Microsoft Windows DirectShow JPEG Double Free (MS14-013; CVE-2014-0301)

Updated
CPAI-2014-1181 CVE-2013-4547
Nginx Request URI Verification Security Bypass (CVE-2013-4547)

Updated
CPAI-2014-1180   WebShag Security Scanner

Updated
CPAI-2014-1179   w3af Security Scanner

Updated
CPAI-2014-1178   Nikto Security Scanner

Updated
CPAI-2014-1177   LibWhisker Security Scanner

Updated
CPAI-2014-1176   JBroFuzz Security Scanner

Updated
CPAI-2014-1172 CVE-2014-0301
Microsoft Windows DirectShow JPEG Double Free (MS14-013; CVE-2014-0301) - ver 2

Updated
CPAI-2014-1171 CVE-2014-1705
Google Chrome V8 JavaScript Engine Memory Corruption (CVE-2014-1705)

Updated
CPAI-2014-1154 CVE-2014-0063
PostgreSQL Database Datetime Buffer Overflow (CVE-2014-0063)

Updated
CPAI-2014-1150 CVE-2014-0423
Oracle Java Beans DocumentHandler XML External Entity (CVE-2014-0423)

Updated
CPAI-2013-3763 CVE-2013-5791
Oracle Outside In Microsoft Access 1.x Parser Buffer Overflow (CVE-2013-5791)

Updated
CPAI-2014-1328   BSQL Automated SQL Injection tool

Updated
CPAI-2014-1327   Sqlninja Automated SQL Injection tool

Updated
CPAI-2014-1326   Sqlmap Automated SQL Injection tool

Updated
CPAI-2014-1175   Havij Automated SQL Injection tool

Updated
CPAI-2014-1174   Pangolin Automated SQL Injection tool

Updated
CPAI-2014-1191   Web Servers Slow HTTP Denial of Service

Updated
CPAI-2014-1189   GoldenEye Denial of Service Tool

Updated
CPAI-2014-1188   HULK Denial of Service Tool

Updated
CPAI-2014-1187   Anonymous DoSer Denial of Service Tool

Updated
CPAI-2014-1173 CVE-2013-4353
OpenSSL TLS Record Tampering Denial of Service (CVE-2013-4353)

Updated
CPAI-2014-1151 CVE-2014-1266
Apple Products SSLVerifySignedServerKeyExchange Security Feature Bypass (CVE-2014-1266)

Updated
CPAI-2014-1128 CVE-2014-0980
Poster Software PUBLISH-iT PUI File Processing Buffer Overflow (CVE-2014-0980)

Updated
CPAI-2014-1148 CVE-2013-5907
Oracle Java SE GSUB ReqFeatureIndex Buffer Overflow (CVE-2013-5907)

Updated
CPAI-2014-1165   WordPress Pingback Distributed Denial of Service

Updated
CPAI-2013-3556 CVE-2013-5745
GNOME Vino VNC Server Denial of Service (CVE-2013-5745)

Updated
CPAI-2014-1170 CVE-2013-6449
OpenSSL ssl_get_algorithm2 TLS Denial of Service - ver 2 (CVE-2013-6449)

Updated
CPAI-2014-1168 CVE-2014-0307
Microsoft Internet Explorer Memory Corruption (MS14-012; CVE-2014-0307)

Updated
CPAI-2014-1166 CVE-2014-2205
McAfee ePolicy Orchestrator XML External Entity (CVE-2014-2205)

Updated
CPAI-2014-1131 CVE-2014-1683
SkyBlueCanvas CMS Remote Command Execution (CVE-2014-1683)

Updated
CPAI-2014-1163   Nessus Security Scanner

Updated
CPAI-2014-1162 CVE-2006-4966
Chumpsoft phpQuestionnaire Remote File Inclusion (CVE-2006-4966)

Updated
CPAI-2014-1157   Web servers PHPMyAdmin Misconfiguration Code Injection

Updated
CPAI-2014-1153   Fraudulent SSL Certificates Man-In-The-Middle

Updated
CPAI-2014-1127   Secure Sockets Layer Version 2.0

Updated
CPAI-2014-1065 CVE-2014-0492
Adobe Flash Player Address Leak Buffer Overflow (APSB14-02; CVE-2014-0492)

Updated
CPAI-2014-0954 CVE-2014-0491
Adobe Flash Player Cross-Site Scripting (APSB14-02; CVE-2014-0491)

Updated
CPAI-2014-1161 CVE-2006-3918
Apache HTTP Server Header Injection Cross-Site Scripting (CVE-2006-3918)

Updated
CPAI-2014-1160   Apache HTTP Server Format String Remote Code Execution

Updated
CPAI-2014-1159 CVE-2002-2006
CVE-2002-2007
CVE-2002-2008
Apache Tomcat Server Malicious Request Information Disclosure (CVE-2002-2006; CVE-2002-2007; CVE-2002-2008)

Updated
CPAI-2014-1158 CVE-2000-0884
Microsoft IIS Input Validation Directory Traversal (CVE-2000-0884)

Updated
CPAI-2014-1143 CVE-2014-0060
PostgreSQL Database SET ROLE Security Bypass (CVE-2014-0060)

Updated
CPAI-2014-1149 CVE-2013-4468
VICIdial Manager Send OS Command Injection (CVE-2013-4468)

Updated
CPAI-2014-1147 CVE-2014-0503
Adobe Flash Player Same Origin Security Bypass (APSB14-08; CVE-2014-0503)

Updated
CPAI-2014-1144 CVE-2013-5014
Symantec Endpoint Protection Manager XML External Entity Denial Of Service (CVE-2013-5014)

Updated
CPAI-2014-1136 CVE-2014-0001
Oracle MySQL Client Heap Buffer Overflow (CVE-2014-0001)

Updated
CPAI-2014-1095 CVE-2013-5013
Symantec Web Gateway blacklist.php Cross Site Scripting (CVE-2013-5013)

Archives