Home / 2014 Advisories Archive

2014 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Critical	22 Oct 2014	22 Oct 2014	CPAI-2014-1852		CVE-2014-6037	ManageEngine EventLog Analyzer agentUpload Directory Traversal (CVE-2014-6037)
Critical	19 Oct 2014	22 Oct 2014	CPAI-2014-1915	Microsoft MS14-060	CVE-2014-4114 CVE-2014-6352	Microsoft Windows OLE Remote Code Execution (MS14-060) - ver 2 (CVE-2014-4114; CVE-2014-6352)
High	8 May 2014	21 Oct 2014	CPAI-2014-1530	Adobe APSB14-12	CVE-2014-0514	Adobe Reader Mobile JavaScript Interface Java Code Execution (CVE-2014-0514)
Critical	20 Oct 2014	21 Oct 2014	CPAI-2014-1916	ManageEngine	CVE-2014-6036	ManageEngine Multiple Products multipartRequest Directory Traversal (CVE-2014-6036)
Critical	22 Sep 2014	20 Oct 2014	CPAI-2014-1842			SolarWinds Storage Manager AuthenticationFilter Authentication Bypass
High	13 Oct 2014	20 Oct 2014	CPAI-2014-1903	LibVNCServer 05a9bd41a	CVE-2014-6054	LibVNCServer rfbProcessClientNormalMessage msg.ssc.scale Divide by Zero Denial of Service (CVE-2014-6054)
Medium	19 Oct 2014	20 Oct 2014	CPAI-2014-1913	Schneider Electric ICSA-14-259-01	CVE-2014-5411	Schneider Electric SCADA Expert ClearSCADA Denial of Service (CVE-2014-5411)
High	17 Sep 2014	19 Oct 2014	CPAI-2014-1812	Apache	CVE-2014-0118	Apache HTTP Server mod_deflate Denial of Service (CVE-2014-0118)
High	28 Sep 2014	19 Oct 2014	CPAI-2014-1849	OpenSSL	CVE-2014-3506	OpenSSL DTLS Handshake Memory Exhaustion (CVE-2014-3506)
High	30 Sep 2014	19 Oct 2014	CPAI-2014-1857	OpenSSL	CVE-2014-3505	OpenSSL DTLS Handshake Double Free (CVE-2014-3505)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1859	Microsoft Security Bulletin MS14-056	CVE-2014-4130	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4130)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1861	Microsoft Security Bulletin MS14-056	CVE-2014-4132	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4132)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1862	Microsoft Security Bulletin MS14-056	CVE-2014-4133	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4133)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1863	Microsoft Security Bulletin MS14-056	CVE-2014-4127	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4127)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1868	Microsoft Security Bulletin MS14-056	CVE-2014-4128	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4128)
Medium	14 Oct 2014	14 Oct 2014	CPAI-2014-1874	mitre.org	CVE-2012-0261	op5 Monitor license.php Remote Command Execution (CVE-2012-0261)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1875		CVE-2013-1349	OpenSIS ajax.php modname Code Execution (CVE-2013-1349)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1877	Microsoft Security Bulletin MS14-056	CVE-2014-4138	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4138)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1880	Microsoft Security Bulletin MS14-059	CVE-2014-4075	Microsoft ASP.NET MVC Cross-Site-Scripting (MS14-059; CVE-2014-4075)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1881	Microsoft Security Bulletin MS14-056	CVE-2014-4134	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4134)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1884	Microsoft Security Bulletin MS14-061	CVE-2014-4117	Microsoft Word Memory Corruption (MS14-061; CVE-2014-4117)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1886	Microsoft Security Bulletin MS14-057	CVE-2014-4073	Microsoft .NET ClickOnce Elevation of Privilege (MS14-057; CVE-2014-4073)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1887	Microsoft Security Bulletin MS14-057	CVE-2014-4121	Microsoft .NET Framework Remote Code Execution (MS14-057; CVE-2014-4121)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1896	Microsoft Security Bulletin MS14-056	CVE-2014-4140	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4140)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1897	Microsoft Security Bulletin MS14-056	CVE-2014-4123	Microsoft Internet Explorer Elevation of Privilege (MS14-056; CVE-2014-4123)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1898	Microsoft Security Bulletin MS14-056	CVE-2014-4124	Microsoft Internet Explorer Elevation of Privilege (MS14-056; CVE-2014-4124)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1902	Microsoft Security Bulletin MS14-056	CVE-2014-4141	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4141)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1906	Microsoft Security Bulletin MS14-056	CVE-2014-4137	Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4137)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1830	HP	CVE-2014-2625	HP Network Virtualization storedNtxFile Directory Traversal (CVE-2014-2625)
Medium	14 Oct 2014	14 Oct 2014	CPAI-2014-1833	Attachmate 2501	CVE-2014-0606	Attachmate Reflection FTP Client ActiveX GetSiteProperties3 Memory Corruption (CVE-2014-0606)
Medium	14 Oct 2014	14 Oct 2014	CPAI-2014-1841		CVE-2014-0991	Advantech WebAccess SCADA ProjectName Parameter Buffer Overflow (CVE-2014-0991)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1842			SolarWinds Storage Manager AuthenticationFilter Authentication Bypass
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1845	MIT	CVE-2014-4342	MIT Kerberos Invalid RFC 1964 Token Denial of Service (CVE-2014-4342)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1851		CVE-2014-5006	ManageEngine Desktop Central mdmLogUploader Directory Traversal (CVE-2014-5006)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1855	HP	CVE-2014-2624	HP Network Node Manager I ovopi.dll Buffer Overflow (CVE-2014-2624)
Critical	14 Oct 2014	14 Oct 2014	CPAI-2014-1856	IPS Research Team	CVE-2014-5005	ManageEngine Desktop Central StatusUpdate Arbitrary File Upload (CVE-2014-5005)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1880	Microsoft Security Bulletin MS14-059	CVE-2014-4075	Microsoft ASP.NET MVC Cross-Site-Scripting (MS14-059; CVE-2014-4075)
High	13 Oct 2014	14 Oct 2014	CPAI-2014-1901	Redhat RHSA-2014-1298	CVE-2014-3490	Red Hat JBoss RESTEasy PARAMETER ENTITY XXE Information Disclosure (CVE-2014-3490)
High	14 Oct 2014	14 Oct 2014	CPAI-2014-1886	Microsoft MS14-057	CVE-2014-4073	Microsoft .NET ClickOnce Elevation of Privilege (MS14-057; CVE-2014-4073)
High	21 Jul 2014	13 Oct 2014	CPAI-2014-1726	HP	CVE-2014-2614	HP SiteScope EmailServlet Information Disclosure (CVE-2014-2614)
High	2 Oct 2014	13 Oct 2014	CPAI-2014-1873	Novell	CVE-2014-0600	Novell GroupWise Admin Service FileUploadServlet Directory Traversal (CVE-2014-0600)
High	13 Oct 2014	13 Oct 2014	CPAI-2014-1900	Schneider Electric	CVE-2014-5412	Schneider Electric SCADA Expert ClearSCADA Authentication Bypass (CVE-2014-5412)
High	6 Oct 2014	7 Oct 2014	CPAI-2014-1883	CVE-2014-4511	CVE-2014-4511	GitList URL Remote Code Execution (CVE-2014-4511)
High	6 Oct 2014	7 Oct 2014	CPAI-2014-1819	Apache	CVE-2013-4352	Apache HTTP Server mod_cache Denial of Service (CVE-2013-4352)
High	7 Oct 2014	7 Oct 2014	CPAI-2014-1893	Metasploit		JBoss JMX Console Deployer Upload and Execute
High	3 Apr 2014	6 Oct 2014	CPAI-2014-1323	Lighttpd Project sa_2014_01	CVE-2014-2323 CVE-2014-2324	Lighttpd Host Header Multiple Vulnerabilities (CVE-2014-2323; CVE-2014-2324)
Critical	13 Apr 2014	6 Oct 2014	CPAI-2014-1585	Digium AST-2014-002	CVE-2014-2287	Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)
High	30 Sep 2014	5 Oct 2014	CPAI-2014-1838	Mozilla mfsa2014-68	CVE-2014-1563	Mozilla Firefox DOMSVGLength Reflected Attribute Use-After-Free (CVE-2014-1563)
Medium	2 Oct 2014	5 Oct 2014	CPAI-2014-1874	Mitre.org	CVE-2012-0261	op5 Monitor license.php Remote Command Execution (CVE-2012-0261)
Critical	5 Oct 2014	5 Oct 2014	CPAI-2014-1875		CVE-2013-1349	OpenSIS ajax.php modname Code Execution (CVE-2013-1349)