Home / 2014 Advisories Archive

2014 Advisories Archive

Severity	Date Published	Check Point Reference	Source	Description
High	28 Jan 2014	CPAI-2014-0751	CVE-2005-1009	BakBone NetVault Messages Buffer Overflow - ver 2 (CVE-2005-1009)
Critical	28 Jan 2014	CPAI-2014-0641		Modernbill config.php DIR Parameter PHP Code Execution - Ver2 (CVE-2006-4034)
Critical	28 Jan 2014	CPAI-2014-0119		MSXML Response Handling Memory Corruption - Ver2 (CVE-2010-2561)
Critical	28 Jan 2014	CPAI-2014-0118		Light Weight Calendar index.php date Parameter PHP Code Execution - Ver2 (CVE-2006-0206)
Critical	20 Jan 2014	CPAI-2014-0749		vSkimmer Point-of-Sale Terminals Server Information Disclosure
High	19 Jan 2014	CPAI-2014-0750	CVE-2013-5211	NTP Servers Monlist Command Denial of Service (CVE-2013-5211)
Critical	28 Jan 2014	CPAI-2014-0115		Turnkey Web Tools PHP Simple Shop abs-path Parameter PHP Code Execution - Ver2 (CVE-2006-4052)
Critical	28 Jan 2014	CPAI-2014-0113		TinyPHPForum action.php txt Parameter Cross-Site Scripting - Ver2 (CVE-2006-0102)
Critical	28 Jan 2014	CPAI-2014-0104		Apple Safari Webkit Use-After-Free Code Execution- Ver2 (CVE-2010-1807)
Critical	28 Jan 2014	CPAI-2014-0103		Foro Domus escribir.php email Parameter Cross-Site Scripting - Ver2 (CVE-2006-0110)
Critical	28 Jan 2014	CPAI-2014-0102		Microsoft Internet Explorer Table Layout Column Memory Corruption - Ver2 (CVE-2010-0244)
Critical	28 Jan 2014	CPAI-2014-0099		Microsoft Sharepoint Path Info Cross-Site Scripting - Ver2 (CVE-2007-2581)
Critical	28 Jan 2014	CPAI-2014-0090		Microsoft Internet Explorer Rule Use After Free - Ver2 (CVE-2010-3328)
Critical	28 Jan 2014	CPAI-2014-0087		G-neric Generic MembreManager.php include-path Parameter PHP Code Execution - Ver2 (CVE-2007-0584)
Critical	28 Jan 2014	CPAI-2014-0085		RealPlayer CDDA URI Code Execution - Ver2 (CVE-2010-3747)
Critical	28 Jan 2014	CPAI-2014-0070		ACGVclick function.inc.php path Parameter PHP Code Execution - Ver2 (CVE-2007-0577)
Critical	28 Jan 2014	CPAI-2014-0067		Cisco Secure ACS LogonProxy.cgi Cross-Site Scripting - Ver2 (CVE-2006-3101)
Critical	28 Jan 2014	CPAI-2014-0061		Netscape Server WP Tag Directory Travaersal - Ver2 (CVE-2000-0236)
Critical	28 Jan 2014	CPAI-2014-0058		GNUTurk mods.php t_id Parameter SQL Injection - Ver2 (CVE-2006-4867)
Critical	28 Jan 2014	CPAI-2014-0054		Fourtwosevenbb Cookie-based Authentication Bypass - Ver2 (CVE-2006-0153)
Critical	28 Jan 2014	CPAI-2014-0052		Fourtwosevenbb showthread.php ForumID Parameter SQL Injection - Ver2 (CVE-2006-0154)
Critical	28 Jan 2014	CPAI-2014-0047		Boite de News index.php url_index Parameter PHP Code Execution - Ver2 (CVE-2006-4123)
Critical	28 Jan 2014	CPAI-2014-0046		Microsoft SharePoint Calendar Cross-Site Scripting - Ver2 (CVE-2011-0653)
Critical	28 Jan 2014	CPAI-2014-0044		MF Piadas admin.php page Parameter PHP Code Execution - Ver2 (CVE-2006-3323)
Critical	28 Jan 2014	CPAI-2014-0040		Activist Mobilization Platform base.php base_path Parameter PHP Code Execution - Ver2 (CVE-2007-1571)
Critical	28 Jan 2014	CPAI-2014-0034		Viscom Software Movie Player Pro ActiveX Control Buffer Overflow - Ver2 (CVE-2010-0356)
Critical	28 Jan 2014	CPAI-2014-0033		WoWRoster subdir Parameter PHP Code Execution - Ver2 (CVE-2006-3997)
Critical	28 Jan 2014	CPAI-2014-0006		Mozilla Firefox Javascript XBL.method.eval Code Execution - Ver2 (CVE-2006-1735)
Medium	28 Jan 2014	CPAI-2013-3752	CVE-2013-1978	GIMP XWD File Handling Heap Buffer Overflow (CVE-2013-1978)
Critical	28 Jan 2014	CPAI-2013-3686	CVE-2013-4212	Apache Roller OGNL Injection Remote Code Execution (CVE-2013-4212)
Critical	28 Jan 2014	CPAI-2013-3512	CVE-2010-5107	OpenSSH maxstartup Threshold Connection Exhaustion denial of service (CVE-2010-5107)
High	3 Feb 2014	CPAI-2014-0857		GNU Wget Arbitrary File Download
Critical	3 Feb 2014	CPAI-2014-0852	CVE-2006-0067	VEGO Web Forum login.php username Parameter SQL Injection - Ver2 (CVE-2006-0067)
Critical	3 Feb 2014	CPAI-2014-0851	CVE-2009-1350	Novell NeaatIdentity RPC Pointer Dereference Code Execution - Ver2 (CVE-2009-1350)
Critical	3 Feb 2014	CPAI-2014-0850	CVE-2001-0478	phpMYAdmin goto Parameter PHP Code Execution - Ver2 (CVE-2001-0478)
Critical	3 Feb 2014	CPAI-2014-0849	CVE-2006-4827	Vmist Downstat art Parameter PHP Code Execution - Ver2 (CVE-2006-4827)
Critical	3 Feb 2014	CPAI-2014-0848	CVE-2006-4053	ME Download System header.php Parameter PHP Code Execution - Ver2 (CVE-2006-4053)
Critical	3 Feb 2014	CPAI-2014-0847	CVE-2009-1141	Internet Explorer DHTML Object Memory Corruption - Ver2 (CVE-2009-1141)
Critical	3 Feb 2014	CPAI-2014-0846	CVE-2006-0079	ScozBook auth.php adminname Parameter SQL Injection - Ver2 (CVE-2006-0079)
Critical	3 Feb 2014	CPAI-2014-0845	CVE-2002-0573	Solaris rwalld Format String - Ver2 (CVE-2002-0573)
Critical	3 Feb 2014	CPAI-2014-0844	CVE-2007-1297	AJ Dating view_profile.php user_id Parameter SQL Injection - Ver2 (CVE-2007-1297)
Critical	3 Feb 2014	CPAI-2014-0843	CVE-2006-4237	IRSR pageheaderdefault.inc.php sysSessionPath Parameter PHP Code Execution - Ver2 (CVE-2006-4237)
Critical	3 Feb 2014	CPAI-2014-0842	CVE-2006-3928	WMNews index.php base_datapath Parameter PHP Code Execution - Ver2 (CVE-2006-3928)
Critical	3 Feb 2014	CPAI-2014-0841	CVE-2007-0881	OPENi-CMS Plugin index.php oi_dir Parameter PHP Code Execution - Ver2 (CVE-2007-0881)
Critical	3 Feb 2014	CPAI-2014-0840	CVE-2007-2139	CA BrightStor Arcserve Media Server Stack Buffer Overflow - Ver2 (CVE-2007-2139)
Critical	3 Feb 2014	CPAI-2014-0839	CVE-2006-3803	Mozilla Firefox New Function Garbage Collection Code Execution - Ver2 (CVE-2006-3803)
Critical	3 Feb 2014	CPAI-2014-0838	CVE-2006-4354	Empire CMS checklevel.php check_path Parameter PHP Code Execution - Ver2 (CVE-2006-4354)
Critical	3 Feb 2014	CPAI-2014-0837	CVE-2002-1993	WebBBS webbbs_config.pl followup Parameter Command Execution - Ver2 (CVE-2002-1993)
Critical	3 Feb 2014	CPAI-2014-0836	CVE-2006-3989	Knusperleicht Shoutbox index.php sb_include_path Parameter PHP Code Execution - Ver2 (CVE-2006-3989)
Critical	3 Feb 2014	CPAI-2014-0835	CVE-2002-0561	Oracle 9i HTTP Server Web Administration Access Privilege Escalation - Ver2 (CVE-2002-0561)