Home / 2014 Advisories Archive

2014 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
High	13 Oct 2014	13 Oct 2014	CPAI-2014-1900	Schneider Electric	CVE-2014-5412	Schneider Electric SCADA Expert ClearSCADA Authentication Bypass (CVE-2014-5412)
High	6 Oct 2014	7 Oct 2014	CPAI-2014-1883	CVE-2014-4511	CVE-2014-4511	GitList URL Remote Code Execution (CVE-2014-4511)
High	6 Oct 2014	7 Oct 2014	CPAI-2014-1819	Apache	CVE-2013-4352	Apache HTTP Server mod_cache Denial of Service (CVE-2013-4352)
High	7 Oct 2014	7 Oct 2014	CPAI-2014-1893	Metasploit		JBoss JMX Console Deployer Upload and Execute
High	3 Apr 2014	6 Oct 2014	CPAI-2014-1323	Lighttpd Project sa_2014_01	CVE-2014-2323 CVE-2014-2324	Lighttpd Host Header Multiple Vulnerabilities (CVE-2014-2323; CVE-2014-2324)
Critical	13 Apr 2014	6 Oct 2014	CPAI-2014-1585	Digium AST-2014-002	CVE-2014-2287	Digium Asterisk File Descriptor Invalid Headers Syntax Denial of Service (CVE-2014-2287)
High	30 Sep 2014	5 Oct 2014	CPAI-2014-1838	Mozilla mfsa2014-68	CVE-2014-1563	Mozilla Firefox DOMSVGLength Reflected Attribute Use-After-Free (CVE-2014-1563)
Medium	2 Oct 2014	5 Oct 2014	CPAI-2014-1874	Mitre.org	CVE-2012-0261	op5 Monitor license.php Remote Command Execution (CVE-2012-0261)
Critical	5 Oct 2014	5 Oct 2014	CPAI-2014-1875		CVE-2013-1349	OpenSIS ajax.php modname Code Execution (CVE-2013-1349)
Medium	17 Sep 2014	2 Oct 2014	CPAI-2014-1813		CVE-2014-1651	Symantec Web Gateway dbutils.php SQL Injection (CVE-2014-1651)
High	21 Sep 2014	2 Oct 2014	CPAI-2014-1830	HP	CVE-2014-2625	HP Network Virtualization storedNtxFile Directory Traversal (CVE-2014-2625)
Medium	22 Sep 2014	2 Oct 2014	CPAI-2014-1833	Attachmate 2501	CVE-2014-0606	Attachmate Reflection FTP Client ActiveX GetSiteProperties3 Memory Corruption (CVE-2014-0606)
Critical	2 Oct 2014	2 Oct 2014	CPAI-2014-1871		CVE-2014-1572	Bugzilla Privilege Escalation - Email Validation Bypass (CVE-2014-1572)
High	12 Jan 2014	1 Oct 2014	CPAI-2014-0378		CVE-2013-1417	Kerberos Cross-Realm Referrals KDC NULL Pointer Dereference Denial of Service (CVE-2013-1417)
High	30 Sep 2014	1 Oct 2014	CPAI-2014-1853	SolarWinds	CVE-2014-5504	SolarWinds Log and Event Manager Static Credentials (CVE-2014-5504)
Critical	21 Sep 2014	30 Sep 2014	CPAI-2014-1828	HP	CVE-2014-2626	HP Network Virtualization toServerObject Directory Traversal (CVE-2014-2626)
Medium	28 Sep 2014	28 Sep 2014	CPAI-2014-1847	Splunk	CVE-2013-6771	Splunk collect file Directory Traversal (CVE-2013-6771)
Critical	17 Jun 2014	23 Sep 2014	CPAI-2014-1642	Adobe APSB14-15	CVE-2014-0521	Adobe Reader Javascript API Information Disclosure (APSB14-15; CVE-2014-0521)
Critical	22 Sep 2014	22 Sep 2014	CPAI-2014-1810	IBM swg21461514	CVE-2011-0917	Multiple Vendors LDAP Server Remote Denial of Service Vulnerabilities (CVE-2011-0917)
High	22 Sep 2014	22 Sep 2014	CPAI-2014-1815	IPS Research Team	CVE-2014-6041	Google Android Browser Same Origin Policy Bypass (CVE-2014-6041)
Critical	22 Sep 2014	22 Sep 2014	CPAI-2014-1820	Adobe Security Bulletin APSB14-21	CVE-2014-0552	Adobe Flash Player Memory Corruption (APSB14-21; CVE-2014-0552)
Critical	22 Sep 2014	22 Sep 2014	CPAI-2014-1821	Adobe Security Bulletin APSB14-20	CVE-2014-0565	Adobe Acrobat and Reader Memory Corruption (APSB14-20; CVE-2014-0565)
High	2 Jun 2014	22 Sep 2014	CPAI-2014-1586	Rapid7 Advisory	CVE-2014-2314	JIRA Issues Collector Directory Traversal (CVE-2014-2314)
Critical	21 Sep 2014	22 Sep 2014	CPAI-2014-1829	HP	CVE-2014-2617	HP Universal CMDB Default Credentials Arbitrary File Upload (CVE-2014-2617)
Critical	21 Sep 2014	22 Sep 2014	CPAI-2014-1821	Adobe APSB14-20	CVE-2014-0565	Adobe Acrobat and Reader Memory Corruption (APSB14-20: CVE-2014-0565)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1796	Samba Team	CVE-2014-3560	Samba nmbd unstrcpy Buffer Overflow (CVE-2014-3560)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1824	Adobe Security Bulletin APSB14-20	CVE-2014-0568	Adobe Acrobat and Reader Sandbox Bypass (APSB14-20; CVE-2014-0568)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1825	Adobe Security Bulletin APSB14-20	CVE-2014-0567	Adobe Reader and Acrobat JavaScript Heap Overflow (APSB14-20; CVE-2014-0567)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1835	Adobe Security Bulletin APSB14-21	CVE-2014-0559	Adobe Flash Player and AIR Heap Overflow (APSB14-21; CVE-2014-0559)
High	21 Sep 2014	21 Sep 2014	CPAI-2014-1818	Oracle	CVE-2014-4249	Oracle Business Intelligence Mobile App Designer Information Disclosure (CVE-2014-4249)
High	21 Sep 2014	21 Sep 2014	CPAI-2014-1816	Oracle	CVE-2014-4262	Oracle Java AtomicReferenceFieldUpdater Type Confusion (CVE-2014-4262)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1824	Adobe APSB14-20	CVE-2014-0568	Adobe Acrobat and Reader Sandbox Bypass (APSB14-20; CVE-2014-0568)
Critical	21 Sep 2014	21 Sep 2014	CPAI-2014-1825	Adobe APSB14-20	CVE-2014-0567	Adobe Reader and Acrobat JavaScript Heap Overflow (APSB14-20; CVE-2014-0567)
High	16 Sep 2014	17 Sep 2014	CPAI-2014-1811			CommuniGate Systems CommuniGate Pro LDAP Server Buffer Overflow
High	15 Sep 2014	16 Sep 2014	CPAI-2014-1808	Oracle	CVE-2014-4216	Oracle Java Generic Signature Attribute Memory Corruption (CVE-2014-4216)
High	23 Jun 2014	15 Sep 2014	CPAI-2014-1657	Rapid7	CVE-2013-5576	Joomla Media Manager File Upload Code Execution (CVE-2013-5576)
High	16 Sep 2014	14 Sep 2014	CPAI-2014-1801	IPS Research Team		PhpMyAdmin REQUEST Superglobal Remote Variable Manipulation
High	16 Sep 2014	14 Sep 2014	CPAI-2014-1803	IPS Research Team		PhpMyAdmin SERVER Superglobal Remote Variable Manipulation
Critical	16 Apr 2014	14 Sep 2014	CPAI-2014-1396	CVE-2011-0041		Microsoft GDI EMF Image Processing Integer Overflow - Ver2 (CVE-2011-0041)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1795	CVE-2014-4088		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4088)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1794	CVE-2014-4081		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4081)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1791	CVE-2014-4094		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4094)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1790	CVE-2014-4092		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4092)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1788	CVE-2014-4087		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4087)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1787	CVE-2014-4084		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4084)
Critical	9 Sep 2014	9 Sep 2014	CPAI-2014-1786	CVE-2014-4080		Microsoft Internet Explorer Memory Corruption (MS14-052; CVE-2014-4080)
Low	1 Sep 2014	9 Sep 2014	CPAI-2014-1782			Multipath TCP
Critical	16 Sep 2014	9 Sep 2014	CPAI-2014-1802	Adobe Security Bulletin APSB14-14	CVE-2014-0516	Adobe Flash Player Same Origin Policy Bypass (APSB14-14; CVE-2014-0516)
High	16 Sep 2014	7 Sep 2014	CPAI-2014-1783	IPS Research Team		WordPress Gmedia Gallery Shell Upload
Critical	16 Sep 2014	7 Sep 2014	CPAI-2014-1777	Adobe Security Bulletin APSB14-18	CVE-2014-0545	Adobe Flash Player Memory Leakage (APSB14-18; CVE-2014-0545)