Home / 2017 Advisories Archive

2017 Advisories Archive

Severity	Date Published	Date Updated	Check Point Reference	Source	Industry Reference	Description
Medium	7 Jun 2017	22 Jan 2018	CPAI-2017-0474	ISC AA-01466	CVE-2017-3137	ISC BIND Referral CNAME and DNAME Assertion Failure Denial of Service (CVE-2017-3137)
Medium	11 Sep 2017	16 Jan 2018	CPAI-2017-0752	HPE	CVE-2017-12491	HPE Intelligent Management Center saveSelectedDevices Expression Language Injection (CVE-2017-12491)
Critical	30 Apr 2017	11 Jan 2018	CPAI-2017-0350	Adobe APSB17-11	CVE-2017-3049	Adobe Acrobat and Reader Heap Overflow (APSB17-11: CVE-2017-3049)
Critical	13 Oct 2017	11 Jan 2018	CPAI-2017-0833	Microsoft CVE-2017-11826	CVE-2017-11826	Microsoft Office Memory Corruption (CVE-2017-11826)
High	14 Nov 2017	11 Jan 2018	CPAI-2017-0920	Microsoft CVE-2017-11873	CVE-2017-11873	Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11873)
Critical	14 Nov 2017	11 Jan 2018	CPAI-2017-0967	Adobe APSB17-36	CVE-2017-16392	Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16392)
Critical	18 Dec 2017	11 Jan 2018	CPAI-2017-1075	Apache	CVE-2017-12635	Apache CouchDB JSON Remote Privilege Escalation (CVE-2017-12635)
Critical	13 Jul 2017	10 Jan 2018	CPAI-2017-0565			Suspicious Executable Containing Ransomware
Medium	17 Dec 2017	10 Jan 2018	CPAI-2017-1069	Oracle	CVE-2017-10278	Oracle Tuxedo Jolt Protocol Heap Buffer Overflow (CVE-2017-10278)
High	14 Nov 2017	9 Jan 2018	CPAI-2017-0894	Microsoft CVE-2017-11840	CVE-2017-11840	Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11840)
Medium	28 Dec 2017	9 Jan 2018	CPAI-2017-1096	Cisco	CVE-2017-12285	Cisco Prime Network Analysis Module Graph Directory Traversal (CVE-2017-12285)
Medium	3 May 2017	4 Jan 2018	CPAI-2017-0367	Digium AST-2017-001	CVE-2017-16671 CVE-2017-7617	Digium Asterisk CDR ast_cdr_setuserfield Buffer Overflow (CVE-2017-16671; CVE-2017-7617)
Critical	14 Nov 2017	3 Jan 2018	CPAI-2017-0970	Adobe APSB17-36	CVE-2017-16413	Adobe Acrobat and Reader Out-of-bounds Write (APSB17-36: CVE-2017-16413)
Critical	27 Nov 2017	3 Jan 2018	CPAI-2017-1019	Adobe APSB17-30	CVE-2017-11283	Adobe ColdFusion DataServicesCFProxy Insecure Deserialization (CVE-2017-11283)
Medium	19 Dec 2017	3 Jan 2018	CPAI-2017-1078	Google Project Zero	CVE-2017-13796	Apple WebKit Use After Free Code Execution (CVE-2017-13796)
Medium	19 Dec 2017	3 Jan 2018	CPAI-2018-0006	Google Project Zero	CVE-2017-13795	Apple WebKit Use After Free Code Execution (CVE-2017-13795)
Critical	28 Dec 2017	1 Jan 2018	CPAI-2018-0001			Triton Toolkit SIS Controllers Denial Of Service
Critical	7 Nov 2017	31 Dec 2017	CPAI-2017-0919	Trend Micro	CVE-2017-11391 CVE-2017-11394	Trend Micro InterScan Messaging Security modTMCSS Command Injection (CVE-2017-11391; CVE-2017-11394)
Critical	27 Nov 2017	31 Dec 2017	CPAI-2017-1016		CVE-2017-17215	Huawei HG532 Router Remote Code Execution (CVE-2017-17215)
High	18 Dec 2017	28 Dec 2017	CPAI-2017-1073	Rapid7		Foxit PDF Reader Javascript File Write Remote Code Execution
High	29 Nov 2017	27 Dec 2017	CPAI-2017-1026		CVE-2017-13792	Apple WebKit Use After Free Code Execution (CVE-2017-13792)
High	10 Oct 2017	26 Dec 2017	CPAI-2017-0798	Microsoft Project Zero CVE-2017-11793	CVE-2017-11793	Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-11793)
Medium	16 Nov 2017	26 Dec 2017	CPAI-2017-1000	GNU	CVE-2017-13090	GNU Wget fd_read_body Heap Buffer Overflow (CVE-2017-13090)
High	8 Oct 2017	25 Dec 2017	CPAI-2017-0829		CVE-2017-14706	DenyAll Web Application Firewall Remote Code Execution (CVE-2017-14706)
Critical	12 Dec 2017	25 Dec 2017	CPAI-2017-1034	Microsoft CVE-2017-11889	CVE-2017-11889	Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11889)
Critical	14 Nov 2017	24 Dec 2017	CPAI-2017-0975	Adobe APSB17-36	CVE-2017-16401	Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16401)
Critical	24 Dec 2017	24 Dec 2017	CPAI-2017-1085			GoAhead CGI Scanner
Critical	21 Dec 2017	21 Dec 2017	CPAI-2017-1083			WordPress Captcha Plugin Backdoor
Critical	17 Sep 2017	20 Dec 2017	CPAI-2017-0770			Suspicious Evasion In HTML
Critical	20 Dec 2017	20 Dec 2017	CPAI-2017-1082		CVE-2015-0899 CVE-2016-1182	Multiple Webservers Cross-Site Scripting Attempt (CVE-2015-0899; CVE-2016-1182)
High	20 Dec 2017	20 Dec 2017	CPAI-2017-1081	Microsoft CVE-2017-11906	CVE-2017-11906	Microsoft Internet Explorer Scripting Engine Information Disclosure (CVE-2017-11906)
Medium	17 Dec 2017	19 Dec 2017	CPAI-2017-1071	Project Zero	CVE-2017-13785	Apple WebKit Out-of-bounds Read (CVE-2017-13785)
Critical	19 Dec 2017	19 Dec 2017	CPAI-2017-1076		CVE-2017-17672	vBulletin cacheTemplates Remote Code Execution (CVE-2017-17672)
Critical	19 Dec 2017	19 Dec 2017	CPAI-2017-1077			vBulletin Routestring Remote Code Execution
High	16 Feb 2017	18 Dec 2017	CPAI-2017-0133		CVE-2016-9244	F5 Big-IP TLS Information Disclosure (Ticketbleed; CVE-2016-9244)
N/A	24 Apr 2017	18 Dec 2017	CPAI-2017-0407			Weak SSL DES Cipher Suites
Medium	4 Dec 2017	18 Dec 2017	CPAI-2017-1048	Apache	CVE-2017-7659	Apache HTTPD mod_http2 Null Pointer Dereference (CVE-2017-7659)
High	9 Nov 2017	14 Dec 2017	CPAI-2017-0929	Trend Micro	CVE-2017-14089	Trend Micro OfficeScan Memory Corruption (CVE-2017-14089)
Critical	14 Nov 2017	14 Dec 2017	CPAI-2017-0990	Adobe APSB17-36	CVE-2017-16365	Adobe Acrobat and Reader Buffer Over-read (APSB17-36: CVE-2017-16365)
Critical	14 Nov 2017	14 Dec 2017	CPAI-2017-0978	Adobe APSB17-36	CVE-2017-16417	Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16417)
Critical	14 Nov 2017	13 Dec 2017	CPAI-2017-0945	Adobe APSB17-36	CVE-2017-16362	Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16362)
High	3 Dec 2017	13 Dec 2017	CPAI-2017-1045	HPE	CVE-2017-12558	HPE Intelligent Management Center WebDMServlet Insecure Deserialization (CVE-2017-12558)
High	13 Dec 2017	13 Dec 2017	CPAI-2017-1066		CVE-2017-12149 CVE-2017-7504	JbossMQ Invocation Layer Deserialization Remote Code Execution (CVE-2017-12149; CVE-2017-7504)
High	14 Nov 2017	12 Dec 2017	CPAI-2017-0932	Adobe APSB17-36	CVE-2017-16396	Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16396)
High	12 Dec 2017	12 Dec 2017	CPAI-2017-1044	Microsoft CVE-2017-11935	CVE-2017-11935	Microsoft Excel Remote Code Execution (CVE-2017-11935)
Critical	12 Dec 2017	12 Dec 2017	CPAI-2017-1035	Microsoft CVE-2017-11895	CVE-2017-11895	Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-11895)
High	12 Dec 2017	12 Dec 2017	CPAI-2017-1040	Microsoft CVE-2017-11930	CVE-2017-11930	Microsoft Browser Scripting Engine Memory Corruption (CVE-2017-11930)
Medium	12 Dec 2017	12 Dec 2017	CPAI-2017-1062	Project zero	CVE-2017-13783	Apple WebKit out-of-bounds read (CVE-2017-13783)
Critical	12 Dec 2017	12 Dec 2017	CPAI-2017-1028	Microsoft CVE-2017-11886	CVE-2017-11886	Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2017-11886)
Critical	12 Dec 2017	12 Dec 2017	CPAI-2017-1049	Microsoft CVE-2017-11909	CVE-2017-11909	Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11909)