Home / 2013 Advisories Archive

2013 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Industry Reference	Description
Critical	6 Oct 2013	10 Nov 2015	CPAI-2013-2948	CVE-2013-4799	HP LoadRunner XDR Data Handling Heap Buffer Overflow (CVE-2013-4799)
High	17 Oct 2013	10 Nov 2015	CPAI-2013-3491	CVE-2013-3870 CVE-2013-3905	Microsoft Outlook MIME Email Message Parsing Remote Code Execution (MS13-068; CVE-2013-3870; CVE-2013-3905)
High	30 Dec 2013	10 Nov 2015	CPAI-2013-3765	CVE-2013-6397	Apache Solr SolrResourceLoader Directory Traversal (CVE-2013-6397)
Critical	7 Jan 2013	3 Nov 2015	CPAI-2012-1293	CVE-2012-3811	Avaya IP Office CCR ImageUpload.ashx Unrestricted File Upload (CVE-2012-3811)
Medium	20 Jan 2013	3 Nov 2015	CPAI-2012-1319	CVE-2012-2962	Dell SonicWALL Scrutinizer SQL Injection (CVE-2012-2962)
High	30 May 2013	3 Nov 2015	CPAI-2013-1846		SAP NetWeaver SXPG_CALL_SYSTEM Remote Code Execution
Critical	4 Jun 2013	3 Nov 2015	CPAI-2013-1859	CVE-2013-1966 CVE-2013-2115	Apache Struts URL and Anchor tag includeParams OGNL Command Execution (CVE-2013-1966; CVE-2013-2115)
High	19 Jun 2013	3 Nov 2015	CPAI-2013-1900		PhpTax pfilez Remote Code Execution
Critical	24 Jun 2013	3 Nov 2015	CPAI-2013-2456		PHP PHP-Charts Remote Code Execution
High	3 Jul 2013	3 Nov 2015	CPAI-2013-2449	CVE-2013-0803	PolarBearCms upload.php Arbitrary File Upload (CVE-2013-0803)
Critical	7 Jul 2013	3 Nov 2015	CPAI-2013-1913	CVE-2012-3399	Basilic diff.php Arbitrary Command Execution (CVE-2012-3399)
High	15 Jul 2013	3 Nov 2015	CPAI-2013-2484		SAP NetWeaver SOAP Request SXPG_COMMAND_EXECUTE Command Execution
Medium	18 Jul 2013	3 Nov 2015	CPAI-2013-2492		SAP NetWeaver SOAP Request SXPG_CALL_SYSTEM Command Execution
Medium	5 Aug 2013	3 Nov 2015	CPAI-2013-2519	CVE-2011-4075	PHP phpLDAPadmin Remote Code Execution (CVE-2011-4075)
High	7 Aug 2013	3 Nov 2015	CPAI-2013-2515	CVE-2012-1153	appRain CMF Arbitrary PHP File Upload (CVE-2012-1153)
High	13 Aug 2013	3 Nov 2015	CPAI-2013-2520	CVE-2013-3185	Microsoft Active Directory Federation Services Information Disclosure (MS13-066; CVE-2013-3185)
Critical	17 Sep 2013	3 Nov 2015	CPAI-2013-2944	CVE-2013-3763	Oracle Endeca Server createDataStore Remote Command Execution (CVE-2013-3763)
High	24 Sep 2013	3 Nov 2015	CPAI-2013-2951	CVE-2013-5093	Graphite Web Unsafe Module Handling Code Execution (CVE-2013-5093)
High	15 Oct 2013	3 Nov 2015	CPAI-2013-3479	CVE-2012-5687	TP-Link Wireless Lite N Access Point Directory Traversal (CVE-2012-5687)
High	28 Oct 2013	3 Nov 2015	CPAI-2013-3515	CVE-2011-4825	Log1 CMS writeInfo() PHP Code Injection (CVE-2011-4825)
High	3 Nov 2013	3 Nov 2015	CPAI-2013-3498	CVE-2013-4211	OpenX Ad Server Backdoor PHP Code Execution (CVE-2013-4211)
High	10 Nov 2013	3 Nov 2015	CPAI-2013-3544	CVE-2013-3591	Vtiger CRM Authenticated Remote Code Execution (CVE-2013-3591)
High	14 Nov 2013	3 Nov 2015	CPAI-2013-3555	CVE-2011-4828	AutoSec Tools V-CMS inline_image_upload.php PHP File Upload And Execution (CVE-2011-4828)
Critical	3 Dec 2013	3 Nov 2015	CPAI-2013-3612	CVE-2009-2288	Nagios statuswml.cgi Command Execution (CVE-2009-2288)
Critical	11 Dec 2013	3 Nov 2015	CPAI-2013-3686	CVE-2013-4212	Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
High	30 Apr 2013	25 Oct 2015	CPAI-2013-088	CVE-2012-5689	ISC BIND DNS64 RPZ Assertion Failure Denial of Service (CVE-2012-5689)
Critical	25 Apr 2013	20 Oct 2015	CPAI-2013-1682	CVE-2013-1839	Squid Proxy strHdrAcptLangGetItem Value Denial of Service (CVE-2013-1839)
Critical	1 Dec 2013	14 Oct 2015	CPAI-2013-3628	CVE-2013-1418	Kerberos Multi-realm KDC NULL Pointer Dereference Denial of Service (CVE-2013-1418)
Critical	27 Oct 2013	11 Oct 2015	CPAI-2013-3487	CVE-2007-5659 CVE-2008-2992 CVE-2009-0927 CVE-2009-4324 CVE-2010-0188	BlackHole Toolkit v2 Adobe Reader Payload Stage Code Execution (CVE-2007-5659; CVE-2008-2992; CVE-2009-0927; CVE-2009-4324; CVE-2010-0188)
Critical	5 May 2013	6 Oct 2015	CPAI-2013-1708	CVE-2012-4705	3S Smart Software Solutions CoDeSys Gateway Server Directory Traversal (CVE-2012-4705)
Critical	5 May 2013	6 Oct 2015	CPAI-2013-1709	CVE-2012-4708	3S Smart Software Solutions CoDeSys Gateway Server Stack Buffer Overflow (CVE-2012-4708)
Medium	9 May 2013	8 Sep 2015	CPAI-2013-1666	CVE-2012-4900	Corel WordPerfect Document Processing Buffer Overflow (CVE-2012-4900)
Critical	6 Nov 2013	30 Jun 2015	CPAI-2013-3540	CVE-2013-3906	Microsoft Office Embedded TIFF Image Remote Code Execution (CVE-2013-3906)
Critical	17 Nov 2013	26 May 2015	CPAI-2013-3563	CVE-2013-5324	Adobe Flash Player Memory Corruption (APSB13-21: CVE-2013-5324)
Critical	19 May 2013	12 May 2015	CPAI-2013-1829	CVE-2013-2729	Adobe Acrobat Reader Crafted RLE8 format BMP File Buffer Overflow (APSB13-15; CVE-2013-2729)
Critical	12 Sep 2013	10 May 2015	CPAI-2013-2935	CVE-2011-4535	ScadaTEC ScadaPhone and ModbusTagServer SCADA Remote Code Execution (CVE-2011-4535)
N/A	1 May 2013	6 May 2015	CPAI-2013-1689		Toxin Based Brobot HTTP Request
N/A	6 May 2013	6 May 2015	CPAI-2013-1768		OPC UA Write Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1779		OPC UA Modify Monitored Items Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1777		OPC UA Monitored Item Modify Request Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1719		OPC UA Test Stack Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1722		OPC UA Find Servers Request Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1735		OPC UA Activate Session Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1734		OPC UA Activate Session Request Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1726		OPC UA Register Server Request Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1767		OPC UA Write Request Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1785		OPC UA Delete Monitored Items Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1773		OPC UA Call Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1739		OPC UA Cancel Response Command
N/A	6 May 2013	6 May 2015	CPAI-2013-1727		OPC UA Register Server Response Command