Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail-gear | 1.0 |
Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2000 |
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 8.0 |
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | * |
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_utilities | 2.0 |
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mcafee | virusscan | * |
| symantec | norton_antivirus | * |
Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 1.0 |
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 9.0 |
| symantec | pcanywhere | 8.0 |
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 9.0 |
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 8.0.2 |
| symantec | pcanywhere | 9.0 |
| symantec | pcanywhere | 8.0.1 |
| symantec | pcanywhere | 9.2 |
Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.0 |
| symantec | norton_antivirus | 1.5 |
In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.0 |
| symantec | norton_antivirus | 1.5 |
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| novell | client | 3.1 |
| symantec | norton_antivirus | 5.0 |
I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | i-gear | 3.5 |
| symantec | i-gear | 3.5.7 |
Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | raptor_firewall | 6.5 |
Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate | 1.5 |
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | * |
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-434,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.5 |
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-494,CWE-494,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate | * |
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate | 1.5 |
| symantec | liveupdate | 1.4 |
| symantec | liveupdate | 1.6 |
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | enterprise_firewall | 7.0 |
| symantec | enterprise_firewall | 6.5.2 |
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | enterprise_firewall | 6.5.2 |
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate | * |
Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | 7.0 |
Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-178,CWE-178,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | * |
FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | raptor_firewall | 6.5.3 |
| symantec | enterprise_firewall | 7.0 |
| symantec | gateway_security | 1.0 |
| symantec | raptor_firewall | 6.5 |
| symantec | enterprise_firewall | 6.5.2 |
| symantec | velociraptor | 1.x |
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2001 |
| symantec | norton_personal_firewall | 2001_3.0.4.91 |
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | velociraptor | 1000 |
| symantec | gateway_security | 5200 |
| symantec | velociraptor | 1100 |
| symantec | enterprise_firewall | 6.5.2 |
| symantec | velociraptor | 1300 |
| symantec | velociraptor | 500 |
| symantec | raptor_firewall | 6.5.3 |
| symantec | gateway_security | 5300 |
| symantec | enterprise_firewall | 7.0 |
| symantec | gateway_security | 5110 |
| symantec | velociraptor | 1200 |
| symantec | raptor_firewall | 6.5 |
| symantec | velociraptor | 700 |
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security | 5200 |
| symantec | velociraptor | model_1300 |
| symantec | enterprise_firewall | 6.5.2 |
| symantec | velociraptor | model_500 |
| symantec | raptor_firewall | 6.5.3 |
| symantec | velociraptor | model_1200 |
| symantec | gateway_security | 5300 |
| symantec | enterprise_firewall | 7.0 |
| symantec | gateway_security | 5110 |
| symantec | velociraptor | model_1000 |
| symantec | raptor_firewall | 6.5 |
| symantec | velociraptor | model_1100 |
| symantec | velociraptor | model_700 |
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | raptor_firewall | 6.5.3 |
| symantec | raptor_firewall | 6.5 |
| symantec | enterprise_firewall | 6.5.2 |
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | corporate_7.6 |
| symantec | norton_antivirus | corporate_7.51 |
| symantec | norton_antivirus | corporate_7.5 |
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2001 |
| microsoft | internet_information_server | 4.0 |
| microsoft | internet_information_services | 5.0 |
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the Office plug-in would detect the virus before it is executed
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is used by Outlook to obtain the file name. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but Norton AntiVirus or the Office plug-in would detect the virus before it is executed
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_personal_firewall | 2002 |
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_personal_firewall | 2002 |
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | firewall_vpn_appliance_200r | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | firewall_vpn_appliance_200 | * |
The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2001 |
Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | java | 4.77 |
| symantec | java | 4.76 |
| symantec | java | 4.0 |
| symantec | java | 4.08 |
| symantec | java | 4.79 |
| symantec | java | 4.06 |
| symantec | java | 4.5 |
| symantec | java | 4.61 |
| symantec | java | 4.75 |
| symantec | java | 4.6 |
| symantec | java | 4.7 |
| symantec | java | 4.51 |
| symantec | java | 4.73 |
| symantec | java | 4.4 |
| symantec | java | 4.74 |
| symantec | java | 4.07 |
| symantec | java | 4.72 |
| symantec | java | 4.78 |
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | raptor_firewall | 6.5.3 |
| symantec | velociraptor | model_1200 |
| symantec | velociraptor | model_1300 |
| symantec | enterprise_firewall | 7.0 |
| symantec | velociraptor | model_1000 |
| symantec | raptor_firewall | 6.5 |
| symantec | enterprise_firewall | 6.5.2 |
| symantec | velociraptor | model_1100 |
| symantec | velociraptor | model_500 |
| symantec | velociraptor | model_700 |
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-200,NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | velociraptor | 1.0 |
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-16,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_personal_firewall | 2002 |
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | sygate_personal_firewall | 5.0 |
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | enterprise_firewall | 7.0 |
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_check | * |
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 10.0 |
| symantec | pcanywhere | 11.0 |
The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_system_works | 2001 |
| symantec | norton_antivirus | 2.1 |
| symantec | norton_system_works | 2002 |
| symantec | windows_liveupdate | 1.70.x |
| symantec | norton_antivirus | 2002 |
| symantec | norton_antivirus | 2001 |
| symantec | norton_system_works | 2004 |
| symantec | norton_system_works | 2003 |
| symantec | norton_antivirus | v3.0 |
| symantec | norton_internet_security | 2002 |
| symantec | norton_internet_security | 2001 |
| symantec | norton_antivirus | 2004 |
| symantec | norton_internet_security | 2003 |
| symantec | norton_internet_security | 2004 |
| symantec | windows_liveupdate | 1.90.x |
| symantec | norton_antivirus | 2003 |
Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2003_6.0.4.34 |
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
| symantec | norton_antivirus | 2003 |
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | vxfs | 3.3.3 |
| symantec | vxfs | 3.5 |
| symantec | vxfs | 3.4 |
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| stonesoft | stonegate | 2.0.5 |
| checkpoint | firewall-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1.3 |
| stonesoft | stonegate | 2.2.1 |
| stonesoft | stonegate | 2.0.4 |
| stonesoft | stonegate_vpn_client | 2.0 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.1(4) |
| sco | openserver | 5.0.7 |
| avaya | sg200 | 4.4 |
| cisco | ios | 12.1(11b)e12 |
| stonesoft | stonegate | 1.5.18 |
| checkpoint | firewall-1 | * |
| openssl | openssl | 0.9.6e |
| stonesoft | stonebeat_securitycluster | 2.0 |
| sgi | propack | 2.4 |
| cisco | access_registrar | * |
| cisco | pix_firewall_software | 6.1(1) |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| cisco | pix_firewall_software | 6.1 |
| redhat | linux | 8.0 |
| openssl | openssl | 0.9.6h |
| securecomputing | sidewinder | 5.2.1 |
| avaya | s8700 | r2.0.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | aaa_server | * |
| avaya | intuity_audix | s3400 |
| cisco | pix_firewall_software | 6.2 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| freebsd | freebsd | 4.9 |
| avaya | intuity_audix | 5.1.46 |
| stonesoft | stonegate | 1.6.3 |
| checkpoint | vpn-1 | next_generation_fp2 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| openbsd | openbsd | 3.4 |
| freebsd | freebsd | 4.8 |
| cisco | pix_firewall_software | 6.1(3) |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| apple | mac_os_x_server | 10.3.3 |
| 4d | webstar | 5.2.3 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| cisco | webns | 6.10 |
| avaya | vsu | 100_r2.0.1 |
| cisco | pix_firewall_software | 6.0(4) |
| avaya | sg5 | 4.3 |
| cisco | secure_content_accelerator | 10000 |
| checkpoint | provider-1 | 4.1 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| 4d | webstar | 5.3 |
| stonesoft | stonegate | 2.2 |
| openssl | openssl | 0.9.6d |
| avaya | sg5 | 4.2 |
| neoteris | instant_virtual_extranet | 3.1 |
| stonesoft | stonegate | 1.6.2 |
| avaya | s8700 | r2.0.0 |
| cisco | css_secure_content_accelerator | 2.0 |
| cisco | ios | 12.2sy |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| 4d | webstar | 5.2.1 |
| stonesoft | stonegate | 2.2.4 |
| securecomputing | sidewinder | 5.2.0.01 |
| securecomputing | sidewinder | 5.2.1.02 |
| avaya | vsu | 500 |
| avaya | sg203 | 4.4 |
| cisco | pix_firewall_software | 6.0(3) |
| stonesoft | stonegate | 2.0.9 |
| dell | bsafe_ssl-j | 3.0.1 |
| cisco | css_secure_content_accelerator | 1.0 |
| hp | wbem | a.02.00.01 |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | pix_firewall_software | 6.2(2) |
| redhat | openssl | 0.9.6b-3 |
| novell | edirectory | 8.5.12a |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | firewall_services_module | 2.1_(0.208) |
| apple | mac_os_x | 10.3.3 |
| cisco | pix_firewall | 6.2.2_.111 |
| securecomputing | sidewinder | 5.2 |
| redhat | linux | 7.3 |
| cisco | webns | 7.10 |
| openssl | openssl | 0.9.6k |
| avaya | sg5 | 4.4 |
| cisco | pix_firewall_software | 6.3(3.109) |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| checkpoint | firewall-1 | next_generation_fp0 |
| novell | imanager | 1.5 |
| stonesoft | stonebeat_webcluster | 2.5 |
| cisco | firewall_services_module | 1.1.2 |
| hp | apache-based_web_server | 2.0.43.00 |
| hp | hp-ux | 11.00 |
| openssl | openssl | 0.9.6c |
| novell | imanager | 2.0 |
| dell | bsafe_ssl-j | 3.0 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| tarantella | tarantella_enterprise | 3.30 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| bluecoat | proxysg | * |
| avaya | vsu | 5000_r2.0.1 |
| tarantella | tarantella_enterprise | 3.40 |
| cisco | pix_firewall_software | 6.0 |
| cisco | gss_4490_global_site_selector | * |
| cisco | threat_response | * |
| stonesoft | stonegate | 1.7.2 |
| cisco | css11000_content_services_switch | * |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| 4d | webstar | 5.3.1 |
| openssl | openssl | 0.9.7 |
| cisco | webns | 7.2_0.0.03 |
| cisco | ios | 12.1(13)e9 |
| redhat | openssl | 0.9.7a-2 |
| stonesoft | stonegate_vpn_client | 1.7 |
| avaya | sg203 | 4.31.29 |
| stonesoft | stonegate | 1.5.17 |
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| vmware | gsx_server | 2.5.1_build_5336 |
| hp | wbem | a.01.05.08 |
| avaya | sg208 | 4.4 |
| redhat | enterprise_linux | 3.0 |
| stonesoft | stonegate | 2.0.7 |
| neoteris | instant_virtual_extranet | 3.3 |
| hp | hp-ux | 11.23 |
| 4d | webstar | 4.0 |
| stonesoft | stonegate | 2.1 |
| openbsd | openbsd | 3.3 |
| vmware | gsx_server | 2.0.1_build_2129 |
| cisco | webns | 7.1_0.2.06 |
| stonesoft | stonegate | 1.7 |
| avaya | s8500 | r2.0.1 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | mds_9000 | * |
| openssl | openssl | 0.9.6i |
| freebsd | freebsd | 5.2.1 |
| novell | edirectory | 8.5 |
| openssl | openssl | 0.9.6j |
| cisco | webns | 6.10_b4 |
| cisco | webns | 7.10_.0.06s |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| openssl | openssl | 0.9.6g |
| avaya | vsu | 10000_r2.0.1 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | pix_firewall_software | 6.3 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| cisco | pix_firewall_software | 6.3(2) |
| hp | wbem | a.02.00.00 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| stonesoft | servercluster | 2.5.2 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| novell | edirectory | 8.5.27 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| openssl | openssl | 0.9.7a |
| cisco | pix_firewall_software | 6.0(1) |
| cisco | pix_firewall_software | 6.2(3.100) |
| cisco | application_and_content_networking_software | * |
| avaya | sg200 | 4.31.29 |
| openssl | openssl | 0.9.7b |
| cisco | ios | 12.1(11)e |
| hp | hp-ux | 8.05 |
| hp | hp-ux | 11.11 |
| avaya | vsu | 7500_r2.0.1 |
| cisco | ios | 12.2(14)sy |
| avaya | s8500 | r2.0.0 |
| sgi | propack | 2.3 |
| avaya | s8300 | r2.0.0 |
| sun | crypto_accelerator_4000 | 1.0 |
| vmware | gsx_server | 2.0 |
| cisco | pix_firewall_software | 6.1(5) |
| stonesoft | stonegate | 2.0.8 |
| securecomputing | sidewinder | 5.2.0.04 |
| cisco | ios | 12.1(11b)e14 |
| avaya | vsu | 2000_r2.0.1 |
| cisco | ios | 12.2za |
| stonesoft | servercluster | 2.5 |
| cisco | ciscoworks_common_services | 2.2 |
| openssl | openssl | 0.9.6f |
| novell | edirectory | 8.7 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | ios | 12.1(11b)e |
| openssl | openssl | 0.9.7c |
| novell | edirectory | 8.7.1 |
| sco | openserver | 5.0.6 |
| checkpoint | firewall-1 | 2.0 |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | intuity_audix | s3210 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| checkpoint | firewall-1 | next_generation_fp2 |
| novell | edirectory | 8.6.2 |
| tarantella | tarantella_enterprise | 3.20 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 7.1_0.1.02 |
| cisco | pix_firewall_software | 6.1(2) |
| stonesoft | stonegate | 2.0.1 |
| cisco | call_manager | * |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| securecomputing | sidewinder | 5.2.0.03 |
| freebsd | freebsd | 5.2 |
| avaya | vsu | 5x |
| neoteris | instant_virtual_extranet | 3.2 |
| 4d | webstar | 5.2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| avaya | intuity_audix | * |
| cisco | ios | 12.1(19)e1 |
| freebsd | freebsd | 5.1 |
| cisco | okena_stormwatch | 3.2 |
| 4d | webstar | 5.2.4 |
| avaya | vsu | 5 |
| securecomputing | sidewinder | 5.2.0.02 |
| cisco | ios | 12.2(14)sy1 |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| cisco | pix_firewall_software | 6.0(2) |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | pix_firewall_software | 6.3(1) |
| stonesoft | stonebeat_securitycluster | 2.5 |
| stonesoft | stonegate | 2.0.6 |
| vmware | gsx_server | 2.5.1 |
| cisco | gss_4480_global_site_selector | * |
| cisco | firewall_services_module | * |
| avaya | sg208 | * |
| stonesoft | stonebeat_webcluster | 2.0 |
| stonesoft | stonegate | 1.7.1 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | s8300 | r2.0.1 |
| novell | edirectory | 8.0 |
| redhat | linux | 7.2 |
| cisco | pix_firewall_software | 6.2(3) |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| stonesoft | stonegate | 2.0.5 |
| checkpoint | firewall-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1.3 |
| stonesoft | stonegate | 2.2.1 |
| stonesoft | stonegate | 2.0.4 |
| stonesoft | stonegate_vpn_client | 2.0 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.1(4) |
| sco | openserver | 5.0.7 |
| avaya | sg200 | 4.4 |
| cisco | ios | 12.1(11b)e12 |
| stonesoft | stonegate | 1.5.18 |
| checkpoint | firewall-1 | * |
| openssl | openssl | 0.9.6e |
| stonesoft | stonebeat_securitycluster | 2.0 |
| sgi | propack | 2.4 |
| cisco | access_registrar | * |
| cisco | pix_firewall_software | 6.1(1) |
| lite | speed_technologies_litespeed_web_server | 1.0.1 |
| cisco | pix_firewall_software | 6.1 |
| redhat | linux | 8.0 |
| openssl | openssl | 0.9.6h |
| securecomputing | sidewinder | 5.2.1 |
| avaya | s8700 | r2.0.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | aaa_server | * |
| avaya | intuity_audix | s3400 |
| cisco | pix_firewall_software | 6.2 |
| stonesoft | stonegate_vpn_client | 2.0.8 |
| freebsd | freebsd | 4.9 |
| avaya | intuity_audix | 5.1.46 |
| stonesoft | stonegate | 1.6.3 |
| lite | speed_technologies_litespeed_web_server | 1.2.1 |
| lite | speed_technologies_litespeed_web_server | 1.1.1 |
| openbsd | openbsd | 3.4 |
| freebsd | freebsd | 4.8 |
| cisco | pix_firewall_software | 6.1(3) |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| apple | mac_os_x_server | 10.3.3 |
| 4d | webstar | 5.2.3 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| cisco | webns | 6.10 |
| avaya | vsu | 100_r2.0.1 |
| cisco | pix_firewall_software | 6.0(4) |
| avaya | sg5 | 4.3 |
| cisco | secure_content_accelerator | 10000 |
| checkpoint | provider-1 | 4.1 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc2 |
| 4d | webstar | 5.3 |
| stonesoft | stonegate | 2.2 |
| openssl | openssl | 0.9.6d |
| avaya | sg5 | 4.2 |
| neoteris | instant_virtual_extranet | 3.1 |
| stonesoft | stonegate | 1.6.2 |
| avaya | s8700 | r2.0.0 |
| cisco | css_secure_content_accelerator | 2.0 |
| cisco | ios | 12.2sy |
| lite | speed_technologies_litespeed_web_server | 1.2_rc2 |
| lite | speed_technologies_litespeed_web_server | 1.3_rc3 |
| 4d | webstar | 5.2.1 |
| stonesoft | stonegate | 2.2.4 |
| securecomputing | sidewinder | 5.2.0.01 |
| securecomputing | sidewinder | 5.2.1.02 |
| avaya | vsu | 500 |
| avaya | sg203 | 4.4 |
| cisco | pix_firewall_software | 6.0(3) |
| stonesoft | stonegate | 2.0.9 |
| dell | bsafe_ssl-j | 3.0.1 |
| cisco | css_secure_content_accelerator | 1.0 |
| hp | wbem | a.02.00.01 |
| lite | speed_technologies_litespeed_web_server | 1.2_rc1 |
| lite | speed_technologies_litespeed_web_server | 1.0.2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | pix_firewall_software | 6.2(2) |
| redhat | openssl | 0.9.6b-3 |
| novell | edirectory | 8.5.12a |
| lite | speed_technologies_litespeed_web_server | 1.0.3 |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | firewall_services_module | 2.1_(0.208) |
| apple | mac_os_x | 10.3.3 |
| cisco | pix_firewall | 6.2.2_.111 |
| securecomputing | sidewinder | 5.2 |
| redhat | linux | 7.3 |
| cisco | webns | 7.10 |
| openssl | openssl | 0.9.6k |
| avaya | sg5 | 4.4 |
| cisco | pix_firewall_software | 6.3(3.109) |
| lite | speed_technologies_litespeed_web_server | 1.3_rc1 |
| checkpoint | firewall-1 | next_generation_fp0 |
| novell | imanager | 1.5 |
| stonesoft | stonebeat_webcluster | 2.5 |
| cisco | firewall_services_module | 1.1.2 |
| hp | apache-based_web_server | 2.0.43.00 |
| hp | hp-ux | 11.00 |
| openssl | openssl | 0.9.6c |
| novell | imanager | 2.0 |
| dell | bsafe_ssl-j | 3.0 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| tarantella | tarantella_enterprise | 3.30 |
| stonesoft | stonegate_vpn_client | 2.0.7 |
| bluecoat | proxysg | * |
| avaya | vsu | 5000_r2.0.1 |
| tarantella | tarantella_enterprise | 3.40 |
| cisco | pix_firewall_software | 6.0 |
| cisco | gss_4490_global_site_selector | * |
| cisco | threat_response | * |
| stonesoft | stonegate | 1.7.2 |
| cisco | css11000_content_services_switch | * |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| 4d | webstar | 5.3.1 |
| openssl | openssl | 0.9.7 |
| cisco | webns | 7.2_0.0.03 |
| cisco | ios | 12.1(13)e9 |
| redhat | openssl | 0.9.7a-2 |
| stonesoft | stonegate_vpn_client | 1.7 |
| avaya | sg203 | 4.31.29 |
| stonesoft | stonegate | 1.5.17 |
| lite | speed_technologies_litespeed_web_server | 1.2.2 |
| vmware | gsx_server | 2.5.1_build_5336 |
| hp | wbem | a.01.05.08 |
| avaya | sg208 | 4.4 |
| redhat | enterprise_linux | 3.0 |
| stonesoft | stonegate | 2.0.7 |
| neoteris | instant_virtual_extranet | 3.3 |
| hp | hp-ux | 11.23 |
| 4d | webstar | 4.0 |
| stonesoft | stonegate | 2.1 |
| openbsd | openbsd | 3.3 |
| vmware | gsx_server | 2.0.1_build_2129 |
| cisco | webns | 7.1_0.2.06 |
| stonesoft | stonegate | 1.7 |
| avaya | s8500 | r2.0.1 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | mds_9000 | * |
| openssl | openssl | 0.9.6i |
| freebsd | freebsd | 5.2.1 |
| novell | edirectory | 8.5 |
| openssl | openssl | 0.9.6j |
| cisco | webns | 6.10_b4 |
| cisco | webns | 7.10_.0.06s |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| openssl | openssl | 0.9.6g |
| avaya | vsu | 10000_r2.0.1 |
| lite | speed_technologies_litespeed_web_server | 1.3.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | pix_firewall_software | 6.3 |
| stonesoft | stonegate_vpn_client | 2.0.9 |
| cisco | pix_firewall_software | 6.3(2) |
| hp | wbem | a.02.00.00 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| stonesoft | servercluster | 2.5.2 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| novell | edirectory | 8.5.27 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| openssl | openssl | 0.9.7a |
| cisco | pix_firewall_software | 6.0(1) |
| cisco | pix_firewall_software | 6.2(3.100) |
| cisco | application_and_content_networking_software | * |
| avaya | sg200 | 4.31.29 |
| openssl | openssl | 0.9.7b |
| cisco | ios | 12.1(11)e |
| hp | hp-ux | 8.05 |
| hp | hp-ux | 11.11 |
| avaya | vsu | 7500_r2.0.1 |
| cisco | ios | 12.2(14)sy |
| avaya | s8500 | r2.0.0 |
| sgi | propack | 2.3 |
| avaya | s8300 | r2.0.0 |
| sun | crypto_accelerator_4000 | 1.0 |
| vmware | gsx_server | 2.0 |
| cisco | pix_firewall_software | 6.1(5) |
| stonesoft | stonegate | 2.0.8 |
| securecomputing | sidewinder | 5.2.0.04 |
| cisco | ios | 12.1(11b)e14 |
| avaya | vsu | 2000_r2.0.1 |
| cisco | ios | 12.2za |
| stonesoft | servercluster | 2.5 |
| cisco | ciscoworks_common_services | 2.2 |
| openssl | openssl | 0.9.6f |
| novell | edirectory | 8.7 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | ios | 12.1(11b)e |
| openssl | openssl | 0.9.7c |
| novell | edirectory | 8.7.1 |
| sco | openserver | 5.0.6 |
| checkpoint | firewall-1 | 2.0 |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | intuity_audix | s3210 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| checkpoint | firewall-1 | next_generation_fp2 |
| novell | edirectory | 8.6.2 |
| tarantella | tarantella_enterprise | 3.20 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 7.1_0.1.02 |
| cisco | pix_firewall_software | 6.1(2) |
| stonesoft | stonegate | 2.0.1 |
| cisco | call_manager | * |
| lite | speed_technologies_litespeed_web_server | 1.3 |
| securecomputing | sidewinder | 5.2.0.03 |
| freebsd | freebsd | 5.2 |
| avaya | vsu | 5x |
| neoteris | instant_virtual_extranet | 3.2 |
| 4d | webstar | 5.2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| avaya | intuity_audix | * |
| checkpoint | vpn-1 | next_generation |
| cisco | ios | 12.1(19)e1 |
| freebsd | freebsd | 5.1 |
| cisco | okena_stormwatch | 3.2 |
| 4d | webstar | 5.2.4 |
| avaya | vsu | 5 |
| securecomputing | sidewinder | 5.2.0.02 |
| cisco | ios | 12.2(14)sy1 |
| lite | speed_technologies_litespeed_web_server | 1.1 |
| stonesoft | stonegate_vpn_client | 1.7.2 |
| cisco | pix_firewall_software | 6.0(2) |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | pix_firewall_software | 6.3(1) |
| stonesoft | stonebeat_securitycluster | 2.5 |
| stonesoft | stonegate | 2.0.6 |
| vmware | gsx_server | 2.5.1 |
| cisco | gss_4480_global_site_selector | * |
| cisco | firewall_services_module | * |
| avaya | sg208 | * |
| stonesoft | stonebeat_webcluster | 2.0 |
| stonesoft | stonegate | 1.7.1 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | s8300 | r2.0.1 |
| novell | edirectory | 8.0 |
| redhat | linux | 7.2 |
| cisco | pix_firewall_software | 6.2(3) |
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| checkpoint | firewall-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1.3 |
| neoteris | instant_virtual_extranet | 3.0 |
| cisco | pix_firewall_software | 6.1(4) |
| sco | openserver | 5.0.7 |
| avaya | sg200 | 4.4 |
| cisco | ios | 12.1(11b)e12 |
| forcepoint | stonegate | 2.0.1 |
| checkpoint | firewall-1 | * |
| openssl | openssl | 0.9.6e |
| stonesoft | stonebeat_securitycluster | 2.0 |
| sgi | propack | 2.4 |
| cisco | access_registrar | * |
| forcepoint | stonegate | 2.0.4 |
| cisco | pix_firewall_software | 6.1(1) |
| cisco | pix_firewall_software | 6.1 |
| redhat | linux | 8.0 |
| openssl | openssl | 0.9.6h |
| securecomputing | sidewinder | 5.2.1 |
| avaya | s8700 | r2.0.1 |
| cisco | ciscoworks_common_management_foundation | 2.1 |
| hp | aaa_server | * |
| avaya | intuity_audix | s3400 |
| cisco | pix_firewall_software | 6.2 |
| forcepoint | stonegate | 1.7 |
| freebsd | freebsd | 4.9 |
| avaya | intuity_audix | 5.1.46 |
| checkpoint | vpn-1 | next_generation_fp2 |
| openbsd | openbsd | 3.4 |
| freebsd | freebsd | 4.8 |
| cisco | pix_firewall_software | 6.1(3) |
| bluecoat | cacheos_ca_sa | 4.1.12 |
| apple | mac_os_x_server | 10.3.3 |
| 4d | webstar | 5.2.3 |
| stonesoft | stonebeat_fullcluster | 2.0 |
| cisco | webns | 6.10 |
| avaya | vsu | 100_r2.0.1 |
| cisco | pix_firewall_software | 6.0(4) |
| avaya | sg5 | 4.3 |
| cisco | secure_content_accelerator | 10000 |
| checkpoint | provider-1 | 4.1 |
| forcepoint | stonegate | 2.2.1 |
| 4d | webstar | 5.3 |
| openssl | openssl | 0.9.6d |
| avaya | sg5 | 4.2 |
| neoteris | instant_virtual_extranet | 3.1 |
| avaya | s8700 | r2.0.0 |
| forcepoint | stonegate | 1.5.17 |
| forcepoint | stonegate | 2.0.8 |
| cisco | css_secure_content_accelerator | 2.0 |
| cisco | ios | 12.2sy |
| forcepoint | stonegate | 2.0.5 |
| 4d | webstar | 5.2.1 |
| securecomputing | sidewinder | 5.2.0.01 |
| securecomputing | sidewinder | 5.2.1.02 |
| avaya | vsu | 500 |
| avaya | sg203 | 4.4 |
| cisco | pix_firewall_software | 6.0(3) |
| dell | bsafe_ssl-j | 3.0.1 |
| cisco | css_secure_content_accelerator | 1.0 |
| hp | wbem | a.02.00.01 |
| forcepoint | stonegate | 1.7.2 |
| redhat | openssl | 0.9.6-15 |
| cisco | pix_firewall_software | 6.3(3.102) |
| cisco | pix_firewall_software | 6.2(2) |
| redhat | openssl | 0.9.6b-3 |
| novell | edirectory | 8.5.12a |
| cisco | pix_firewall_software | 6.2(1) |
| cisco | firewall_services_module | 2.1_(0.208) |
| apple | mac_os_x | 10.3.3 |
| cisco | pix_firewall | 6.2.2_.111 |
| securecomputing | sidewinder | 5.2 |
| redhat | linux | 7.3 |
| cisco | webns | 7.10 |
| forcepoint | stonegate | 2.0.7 |
| forcepoint | stonegate | 2.2 |
| openssl | openssl | 0.9.6k |
| avaya | sg5 | 4.4 |
| cisco | pix_firewall_software | 6.3(3.109) |
| checkpoint | firewall-1 | next_generation_fp0 |
| novell | imanager | 1.5 |
| stonesoft | stonebeat_webcluster | 2.5 |
| cisco | firewall_services_module | 1.1.2 |
| hp | apache-based_web_server | 2.0.43.00 |
| hp | hp-ux | 11.00 |
| forcepoint | stonegate | 1.7.1 |
| openssl | openssl | 0.9.6c |
| novell | imanager | 2.0 |
| dell | bsafe_ssl-j | 3.0 |
| symantec | clientless_vpn_gateway_4400 | 5.0 |
| tarantella | tarantella_enterprise | 3.30 |
| bluecoat | proxysg | * |
| forcepoint | stonegate | 1.6.2 |
| avaya | vsu | 5000_r2.0.1 |
| tarantella | tarantella_enterprise | 3.40 |
| cisco | pix_firewall_software | 6.0 |
| cisco | gss_4490_global_site_selector | * |
| cisco | threat_response | * |
| cisco | css11000_content_services_switch | * |
| redhat | enterprise_linux_desktop | 3.0 |
| sgi | propack | 3.0 |
| 4d | webstar | 5.3.1 |
| openssl | openssl | 0.9.7 |
| cisco | webns | 7.2_0.0.03 |
| cisco | ios | 12.1(13)e9 |
| redhat | openssl | 0.9.7a-2 |
| litespeedtech | litespeed_web_server | 1.0.1 |
| forcepoint | stonegate | 2.0.6 |
| avaya | sg203 | 4.31.29 |
| forcepoint | stonegate | 2.1 |
| vmware | gsx_server | 2.5.1_build_5336 |
| hp | wbem | a.01.05.08 |
| forcepoint | stonegate | 1.5.18 |
| avaya | sg208 | 4.4 |
| redhat | enterprise_linux | 3.0 |
| neoteris | instant_virtual_extranet | 3.3 |
| hp | hp-ux | 11.23 |
| 4d | webstar | 4.0 |
| openbsd | openbsd | 3.3 |
| vmware | gsx_server | 2.0.1_build_2129 |
| forcepoint | stonegate | 2.2.4 |
| cisco | webns | 7.1_0.2.06 |
| avaya | s8500 | r2.0.1 |
| checkpoint | vpn-1 | vsx_ng_with_application_intelligence |
| cisco | mds_9000 | * |
| openssl | openssl | 0.9.6i |
| freebsd | freebsd | 5.2.1 |
| novell | edirectory | 8.5 |
| openssl | openssl | 0.9.6j |
| cisco | webns | 6.10_b4 |
| cisco | webns | 7.10_.0.06s |
| bluecoat | cacheos_ca_sa | 4.1.10 |
| neoteris | instant_virtual_extranet | 3.3.1 |
| openssl | openssl | 0.9.6g |
| avaya | vsu | 10000_r2.0.1 |
| avaya | converged_communications_server | 2.0 |
| cisco | pix_firewall_software | 6.3 |
| cisco | pix_firewall_software | 6.3(2) |
| hp | wbem | a.02.00.00 |
| stonesoft | stonebeat_fullcluster | 1_3.0 |
| stonesoft | servercluster | 2.5.2 |
| stonesoft | stonebeat_fullcluster | 3.0 |
| forcepoint | stonegate | 1.6.3 |
| novell | edirectory | 8.5.27 |
| stonesoft | stonebeat_fullcluster | 2.5 |
| openssl | openssl | 0.9.7a |
| cisco | pix_firewall_software | 6.0(1) |
| cisco | pix_firewall_software | 6.2(3.100) |
| cisco | application_and_content_networking_software | * |
| avaya | sg200 | 4.31.29 |
| openssl | openssl | 0.9.7b |
| cisco | ios | 12.1(11)e |
| hp | hp-ux | 8.05 |
| hp | hp-ux | 11.11 |
| avaya | vsu | 7500_r2.0.1 |
| cisco | ios | 12.2(14)sy |
| avaya | s8500 | r2.0.0 |
| sgi | propack | 2.3 |
| avaya | s8300 | r2.0.0 |
| sun | crypto_accelerator_4000 | 1.0 |
| vmware | gsx_server | 2.0 |
| forcepoint | stonegate | 2.0.9 |
| cisco | pix_firewall_software | 6.1(5) |
| securecomputing | sidewinder | 5.2.0.04 |
| cisco | ios | 12.1(11b)e14 |
| avaya | vsu | 2000_r2.0.1 |
| cisco | ios | 12.2za |
| stonesoft | servercluster | 2.5 |
| cisco | ciscoworks_common_services | 2.2 |
| openssl | openssl | 0.9.6f |
| novell | edirectory | 8.7 |
| hp | apache-based_web_server | 2.0.43.04 |
| cisco | ios | 12.1(11b)e |
| openssl | openssl | 0.9.7c |
| novell | edirectory | 8.7.1 |
| sco | openserver | 5.0.6 |
| checkpoint | firewall-1 | 2.0 |
| vmware | gsx_server | 3.0_build_7592 |
| avaya | intuity_audix | s3210 |
| cisco | content_services_switch_11500 | * |
| 4d | webstar | 5.2.2 |
| checkpoint | firewall-1 | next_generation_fp2 |
| novell | edirectory | 8.6.2 |
| tarantella | tarantella_enterprise | 3.20 |
| checkpoint | vpn-1 | next_generation_fp1 |
| cisco | firewall_services_module | 1.1_(3.005) |
| checkpoint | vpn-1 | next_generation_fp0 |
| cisco | webns | 7.1_0.1.02 |
| cisco | pix_firewall_software | 6.1(2) |
| cisco | call_manager | * |
| securecomputing | sidewinder | 5.2.0.03 |
| freebsd | freebsd | 5.2 |
| avaya | vsu | 5x |
| neoteris | instant_virtual_extranet | 3.2 |
| 4d | webstar | 5.2 |
| stonesoft | stonebeat_fullcluster | 1_2.0 |
| avaya | intuity_audix | * |
| cisco | ios | 12.1(19)e1 |
| freebsd | freebsd | 5.1 |
| cisco | okena_stormwatch | 3.2 |
| 4d | webstar | 5.2.4 |
| avaya | vsu | 5 |
| securecomputing | sidewinder | 5.2.0.02 |
| cisco | ios | 12.2(14)sy1 |
| cisco | pix_firewall_software | 6.0(2) |
| cisco | pix_firewall_software | 6.0(4.101) |
| cisco | pix_firewall_software | 6.3(1) |
| stonesoft | stonebeat_securitycluster | 2.5 |
| vmware | gsx_server | 2.5.1 |
| cisco | gss_4480_global_site_selector | * |
| cisco | firewall_services_module | * |
| avaya | sg208 | * |
| stonesoft | stonebeat_webcluster | 2.0 |
| dell | bsafe_ssl-j | 3.1 |
| avaya | s8300 | r2.0.1 |
| novell | edirectory | 8.0 |
| redhat | linux | 7.2 |
| cisco | pix_firewall_software | 6.2(3) |
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | firewall_vpn_appliance_200r | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | firewall_vpn_appliance_200 | * |
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security_5400 | 2.0 |
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | 4.0 |
| symantec | antivirus_scan_engine | 4.3 |
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antispam | 2004 |
The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2004 |
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| entrust | entrust_libkmp_isakmp_library | * |
| symantec | gateway_security_5400 | 2.0 |
| symantec | gateway_security_5300 | 1.0 |
| symantec | enterprise_firewall | 7.0 |
| symantec | velociraptor | 1.5 |
| symantec | enterprise_firewall | 8.0 |
| symantec | enterprise_firewall | 7.0.4 |
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2003 |
| symantec | client_firewall | 5.01 |
| symantec | client_security | 1.1 |
| symantec | norton_personal_firewall | 2003 |
| symantec | norton_personal_firewall | 2004 |
| symantec | norton_internet_security | 2004 |
| symantec | client_firewall | 5.1.1 |
| symantec | client_security | 1.0 |
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | client_security | 1.6 |
| symantec | client_security | 2.0 |
| symantec | client_firewall | 5.01 |
| symantec | norton_personal_firewall | 2002 |
| symantec | client_security | 1.5 |
| symantec | norton_antispam | 2004 |
| symantec | client_security | 1.0 |
| symantec | norton_internet_security | 2002 |
| symantec | client_security | 1.8 |
| symantec | client_security | 1.2 |
| symantec | client_security | 1.9 |
| symantec | client_security | 1.3 |
| symantec | norton_internet_security | 2003 |
| symantec | client_security | 1.1 |
| symantec | norton_personal_firewall | 2003 |
| symantec | norton_personal_firewall | 2004 |
| symantec | norton_internet_security | 2004 |
| symantec | client_security | 1.4 |
| symantec | client_security | 1.7 |
| symantec | client_firewall | 5.1.1 |
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | client_security | 1.6 |
| symantec | client_security | 2.0 |
| symantec | client_firewall | 5.01 |
| symantec | norton_personal_firewall | 2002 |
| symantec | client_security | 1.5 |
| symantec | norton_antispam | 2004 |
| symantec | client_security | 1.0 |
| symantec | norton_internet_security | 2002 |
| symantec | client_security | 1.8 |
| symantec | client_security | 1.2 |
| symantec | client_security | 1.9 |
| symantec | client_security | 1.3 |
| symantec | norton_internet_security | 2003 |
| symantec | client_security | 1.1 |
| symantec | norton_personal_firewall | 2003 |
| symantec | norton_personal_firewall | 2004 |
| symantec | norton_internet_security | 2004 |
| symantec | client_security | 1.4 |
| symantec | client_security | 1.7 |
| symantec | client_firewall | 5.1.1 |
A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.1 |
Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other users by modifying the id parameter in a viewMsgDetails.do request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | brightmail_antispam | 6.0 |
Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2002 |
| symantec | norton_antivirus | 2003 |
Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | * |
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sun | jdk | 1.3.1_02 |
| sun | jdk | 1.4.2_03 |
| sun | jdk | 1.3.1_05 |
| sun | jdk | 1.4.1_03 |
| sun | jdk | 1.3.1_03 |
| sun | jdk | 1.4.1 |
| symantec | gateway_security_5400 | 2.0.1 |
| sun | jdk | 1.4.2_02 |
| sun | jre | 1.3.1_02 |
| sun | jre | 1.4.0_01 |
| sun | jre | 1.4.1_01 |
| hp | java_sdk-rte | 1.4 |
| hp | hp-ux | 11.23 |
| sun | jdk | 1.4.2_01 |
| sun | jdk | 1.3.1_07 |
| sun | jre | 1.4.0_03 |
| sun | jdk | 1.4.0_02 |
| sun | jdk | 1.3.1_01 |
| gentoo | linux | * |
| conectiva | linux | 10.0 |
| sun | jdk | 1.4.2_04 |
| sun | jre | 1.3.1_06 |
| sun | jre | 1.3.0 |
| sun | jre | 1.3.1_03 |
| sun | jre | 1.4.0_04 |
| hp | java_sdk-rte | 1.3 |
| sun | jre | 1.3.1_07 |
| sun | jdk | 1.4.1_01 |
| sun | jre | 1.4.1_02 |
| hp | hp-ux | 11.00 |
| sun | jre | 1.4.1_07 |
| sun | jre | 1.4.0_02 |
| sun | jdk | 1.4.2_05 |
| sun | jdk | 1.4.2 |
| symantec | enterprise_firewall | 8.0 |
| sun | jre | 1.4.1 |
| sun | jre | 1.4.2 |
| sun | jdk | 1.4.0_03 |
| sun | jdk | 1.3.1_04 |
| hp | hp-ux | 11.11 |
| sun | jdk | 1.4.0_01 |
| sun | jre | 1.3.1 |
| sun | jdk | 1.4.0_4 |
| sun | jre | 1.3.1_05 |
| hp | hp-ux | 11.22 |
| symantec | gateway_security_5400 | 2.0 |
| sun | jre | 1.4 |
| sun | jdk | 1.3.1_06 |
| sun | jdk | 1.4.1_02 |
| sun | jdk | 1.3.1_01a |
| sun | jre | 1.3.1_09 |
| sun | jdk | 1.4 |
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security | 360 |
| symantec | firewall_vpn_appliance_200r | * |
| symantec | nexland_wavebase_firewall_appliance | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | nexland_isb_soho_firewall_appliance | * |
| symantec | firewall_vpn_appliance_200 | * |
| symantec | gateway_security | 320 |
| symantec | nexland_pro400_firewall_appliance | * |
| symantec | gateway_security | 360r |
| symantec | nexland_pro800_firewall_appliance | * |
| symantec | nexland_pro100_firewall_appliance | * |
| symantec | nexland_pro800turbo_firewall_appliance | * |
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | firewall_vpn_appliance_200r | * |
| symantec | nexland_wavebase_firewall_appliance | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | nexland_isb_soho_firewall_appliance | * |
| symantec | firewall_vpn_appliance_200 | * |
| symantec | gateway_security_360r | * |
| symantec | nexland_pro400_firewall_appliance | * |
| symantec | nexland_pro800_firewall_appliance | * |
| symantec | nexland_pro100_firewall_appliance | * |
| symantec | nexland_pro800turbo_firewall_appliance | * |
| symantec | gateway_security_320 | * |
| symantec | gateway_security_360 | * |
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | firewall_vpn_appliance_200r | * |
| symantec | nexland_wavebase_firewall_appliance | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | nexland_isb_soho_firewall_appliance | * |
| symantec | firewall_vpn_appliance_200 | * |
| symantec | gateway_security_360r | * |
| symantec | nexland_pro400_firewall_appliance | * |
| symantec | nexland_pro800_firewall_appliance | * |
| symantec | nexland_pro100_firewall_appliance | * |
| symantec | nexland_pro800turbo_firewall_appliance | * |
| symantec | gateway_security_320 | * |
| symantec | gateway_security_360 | * |
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | clientless_vpn_gateway_4400 | 5.0 |
Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | on_command_ccm | 5.0 |
| symantec | on_command_ccm | 5.1 |
| symantec | on_command_ccm | 5.4 |
| symantec | on_command_ccm | 5.3 |
| symantec | on_command_ccm | 5.2 |
| symantec | on_icommand | 3.0 |
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security | 5400_2.0 |
| symantec | gateway_security | 5200_1.0 |
| symantec | gateway_security | 5300_1.0 |
| symantec | gateway_security | 5310_1.0 |
| symantec | gateway_security | 5110_1.0 |
| symantec | enterprise_firewall | 8.0 |
| symantec | gateway_security | 5400_2.0.1 |
| symantec | enterprise_firewall | 7.0.4 |
The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | brightmail_antispam | 6.0.1 |
rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, although a crash is acknowledged.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_check_virus_detection | * |
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.1 |
| symantec | norton_antivirus | corporate_7.0 |
| symantec | norton_antivirus | corporate_7.6 |
| symantec | norton_antivirus | corporate_7.51 |
| symantec | norton_antivirus | corporate_7.61 |
| symantec | norton_antivirus | corporate_7.60.build_926 |
| symantec | norton_antivirus | professional_2004 |
| symantec | norton_antivirus | 2002 |
| symantec | norton_antivirus | 2001 |
| symantec | norton_antivirus | professional_2003 |
| symantec | norton_antivirus | professional_2001 |
| symantec | norton_antivirus | corporate_7.2 |
| symantec | norton_antivirus | corporate_8.0 |
| symantec | norton_antivirus | corporate_7.5 |
| symantec | norton_antivirus | 2003 |
| symantec | norton_antivirus | professional_2002 |
The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | powerquest_deploycenter | 5.5 |
Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in (1) error or (2) block page messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_security | 3.0 |
| symantec | web_security | 3.0.1 |
| symantec | web_security | 2.5 |
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security | 4.5_build_719 |
| symantec | client_security | 1.0.1_build_8.01.460 |
| symantec | client_security | 1.0.1_build_8.01.446 |
| symantec | norton_antivirus | 8.1.1_build8.1.1.314a |
| symantec | norton_antivirus | 8.01.457 |
| symantec | client_security | 1.0.1_build_8.01.434 |
| symantec | web_security | 3.01.59 |
| symantec | client_security | 1.0.1_build_8.01.437 |
| symantec | norton_antivirus | 9.0 |
| symantec | client_security | 1.0.1_build_8.01.457 |
| symantec | client_security | 1.1.1_mr4_build_8.1.1.329 |
| symantec | antivirus_scan_engine | * |
| symantec | client_security | 1.1.1_mr2_build_8.1.1.319 |
| symantec | norton_antivirus | 2004 |
| symantec | web_security | 3.01.63 |
| symantec | norton_antivirus | 2.18_build_83 |
| symantec | sav_filter_domino_nt_ports | build3.0.5 |
| symantec | sav_filter_for_domino_nt | 3.1.1 |
| symantec | norton_internet_security | 2004 |
| symantec | web_security | 3.01.61 |
| symantec | web_security | 3.01.62 |
| symantec | brightmail_antispam | 5.5 |
| symantec | client_security | 1.1.1_mr3_build_8.1.1.323 |
| symantec | web_security | 3.01.68 |
| symantec | norton_antivirus | 8.1.1.319 |
| symantec | mail_security | 4.0 |
| symantec | client_security | 1.0.1_build_8.01.471 |
| symantec | client_security | 1.1.1_mr1_build_8.1.1.314a |
| symantec | norton_antivirus | 8.01.434 |
| symantec | norton_antivirus | 8.01.460 |
| symantec | web_security | 3.01.67 |
| symantec | brightmail_antispam | 4.0 |
| symantec | web_security | 3.01.60 |
| symantec | norton_antivirus | 8.01.464 |
| symantec | norton_system_works | 2004 |
| symantec | gateway_security | 2.0 |
| symantec | client_security | 1.1.1_mr5_build_8.1.1.336 |
| symantec | gateway_security | 2.0.1 |
| symantec | mail_security | 4.1 |
| symantec | norton_antivirus | 8.1.1.329 |
| symantec | norton_antivirus | 8.01.437 |
| symantec | norton_antivirus | 8.01.471 |
| symantec | gateway_security | 1.0 |
| symantec | norton_antivirus | 8.01.446 |
| symantec | norton_antivirus | 8.1.1.323 |
| symantec | client_security | 1.0.1_build_8.01.464 |
The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security_460 | * |
| symantec | firewall_vpn_appliance_200r | * |
| nexland | pro800turbo | * |
| symantec | gateway_security_360 | * |
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security_5400 | 2.0 |
| symantec | gateway_security_5300 | 1.0 |
| symantec | velociraptor | model_1300 |
| symantec | enterprise_firewall | 7.0 |
| symantec | enterprise_firewall | 8.0 |
Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.1 |
| symantec | norton_antivirus | 2005 |
| symantec | norton_system_works | 2005_premier |
| symantec | norton_system_works | 2004_professional |
| symantec | norton_internet_security | 2005 |
| symantec | norton_internet_security | 2004 |
The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 2.1 |
| symantec | norton_antivirus | 2005 |
| symantec | norton_system_works | 2005_premier |
| symantec | norton_system_works | 2004_professional |
| symantec | norton_internet_security | 2005 |
| symantec | norton_internet_security | 2004 |
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security | 4.0.5.66 |
| symantec | norton_system_works | 2005_contains_nav_11.0.0 |
| symantec | mail_security | 4.5.4.743 |
| symantec | norton_internet_security | 2005_contains_nav_11.0.0 |
| symantec | norton_antivirus | 2005_11.0.0 |
| symantec | symav_filter_domino_nt | 3.1.1.87 |
| symantec | web_security | 3.0.1.72 |
| symantec | antivirus_scan_engine | 4.3.7.27 |
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | brightmail_antispam | 5.5 |
| symantec | brightmail_antispam | 4.0 |
| symantec | brightmail_antispam | 6.0.1 |
| symantec | brightmail_antispam | 6.0 |
Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 8.0.2 |
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 9.0 |
| symantec | pcanywhere | 8.0.1 |
| symantec | pcanywhere | 10.0 |
| symantec | pcanywhere | 9.0.1 |
| symantec | pcanywhere | 9.2 |
| symantec | pcanywhere | 11.0 |
Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 9.0.1.1000 |
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | 4.0 |
| symantec | antivirus_scan_engine_for_network_attached_storage | 4.3 |
| symantec | antivirus_scan_engine | 4.3 |
** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 9.0.3 |
Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal LiveUpdate server.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 9.0.4 |
| symantec | norton_antivirus | 9.0.1.1.1000 |
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | * |
Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 9.0.3 |
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | on_command_discovery | standard_4.5 |
| symantec | discovery | 6.0 |
| symantec | on_command_discovery | web_4.5 |
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security_300 | 2.0 |
| symantec | gateway_security_5300 | 1.0 |
| symantec | gateway_security_5100 | * |
| symantec | firewall_vpn_appliance_100 | * |
| symantec | enterprise_firewall | 8.0 |
| symantec | gateway_security_400 | 2.0 |
| symantec | firewall_vpn_appliance_200 | * |
| symantec | gateway_security_5400 | 2.0.1 |
| symantec | gateway_security_5000_series | 3.0 |
| symantec | gateway_security_5310 | 1.0 |
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 8.0.2 |
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 9.0 |
| symantec | pcanywhere | 8.0.1 |
| symantec | pcanywhere | 11.5.1 |
| symantec | pcanywhere | 11.5 |
| symantec | pcanywhere | 10.0 |
| symantec | pcanywhere | 9.0.1 |
| symantec | pcanywhere | 11.0.1 |
| symantec | pcanywhere | 9.2 |
| symantec | pcanywhere | 11.0 |
Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | brightmail_antispam | 6.0.1 |
| symantec | brightmail_antispam | 6.0 |
| symantec | brightmail_antispam | 6.0.2 |
Symantec Norton SystemWorks and SystemWorks Premier 2005 and 2006 stores temporary copies of files in the Norton Protected Recycle Bin NProtect directory, which is hidden from the FindFirst and FindNext Windows APIs and allows remote attackers to hide arbitrary files from virus scanners and other products.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_system_works | 2005_premier |
| symantec | norton_system_works | 2006_premier |
| symantec | norton_system_works | 2005 |
| symantec | norton_system_works | 2006 |
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | 5.0.0.24 |
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | 5.0.0.24 |
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_scan_engine | 5.0.0.24 |
SQL injection vulnerability in the Authentication Servlet in Symantec Sygate Management Server (SMS) version 4.1 build 1417 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via unknown attack vectors related to a URL.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | sygate_management_server | 4.1_mr1_build_1351_chinese |
| symantec | sygate_management_server | * |
| symantec | sygate_management_server | 4.1_ga_build_1258_japanese |
| symantec | sygate_management_server | 4.0_mr_1_build_1104_english |
| symantec | sygate_management_server | 3.5_mr_3_build_894_english |
The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | 8.2 |
| symantec | ghost_solutions_suite | 1.0 |
| symantec | norton_ghost | 8.0 |
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | 8.2 |
| symantec | ghost_solutions_suite | 1.0 |
| symantec | norton_ghost | 8.0 |
Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | 8.2 |
| symantec | ghost_solutions_suite | 1.0 |
| symantec | norton_ghost | 8.0 |
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 9.0.0 |
| symantec | norton_antivirus | 10.9.1 |
| symantec | norton_antivirus | 9.0.3 |
| symantec | norton_personal_firewall | 3.0 |
| symantec | liveupdate | 3.0 |
| symantec | liveupdate | 3.0.2 |
| symantec | liveupdate | 3.0.3 |
| symantec | liveupdate | 3.0.1 |
| symantec | norton_personal_firewall | 3.1 |
| symantec | liveupdate | 3.5 |
| symantec | norton_system_works | 3.0 |
| symantec | norton_utilities | 8.0 |
| symantec | norton_antivirus | 9.0.2 |
| symantec | norton_antivirus | 10.0.0 |
| symantec | norton_internet_security | 3.0 |
| symantec | norton_antivirus | 9.0.1 |
| symantec | norton_antivirus | 10.0 |
| symantec | norton_antivirus | 10.0.1 |
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security | 2.0.1 |
| symantec | gateway_security | 5000_series_3.0 |
| symantec | gateway_security | 3.0 |
| symantec | enterprise_firewall | 8.0 |
| symantec | gateway_security | 5000_series_2.0.1 |
Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | 10.1.400 |
| symantec | norton_antivirus | 10.1 |
| symantec | norton_antivirus | 10.0.2.2020 |
| symantec | client_security | 3.1.394 |
| symantec | client_security | 3.1 |
| symantec | client_security | 3.0.2.2020 |
| symantec | norton_antivirus | 10.0.2.2010 |
| symantec | norton_antivirus | 10.0.2.2021 |
| symantec | client_security | 3.0.2.2010 |
| symantec | client_security | 3.1.400 |
| symantec | client_security | 3.0 |
| symantec | norton_antivirus | 10.0 |
M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_information_manager | 4.0.2.2 |
| symantec | security_information_manager | 4.0.2.12 |
| symantec | security_information_manager | 4.0.2.21 |
| symantec | security_information_manager | 4.0.2.1 |
| symantec | security_information_manager | 4.0.2.5 |
| symantec | security_information_manager | 4.0.2.20 |
| symantec | security_information_manager | 4.0.2.16 |
| symantec | security_information_manager | 4.0.2.7 |
| symantec | security_information_manager | 4.0.2.4 |
| symantec | security_information_manager | 4.0.2.6 |
| symantec | security_information_manager | 4.0.2.23 |
| symantec | security_information_manager | 4.0.2.13 |
| symantec | security_information_manager | 4.0.2.25 |
| symantec | security_information_manager | 4.0.2.17 |
| symantec | security_information_manager | 4.0.2.18 |
| symantec | security_information_manager | 4.0.2.19 |
| symantec | security_information_manager | 4.0.2.14 |
| symantec | security_information_manager | 4.0.2.8 |
| symantec | security_information_manager | 4.0.2.26 |
| symantec | security_information_manager | 4.0.2.22 |
| symantec | security_information_manager | 4.0.2.28 |
| symantec | security_information_manager | 4.0.2 |
| symantec | security_information_manager | 4.0.2.3 |
| symantec | security_information_manager | 4.0.2.15 |
| symantec | security_information_manager | 4.0.2.9 |
| symantec | security_information_manager | 4.0.2.11 |
| symantec | security_information_manager | 4.0.2.24 |
| symantec | security_information_manager | 4.0.2.27 |
| symantec | security_information_manager | 4.0.2.29 |
| symantec | security_information_manager | 4.0.2.10 |
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_personal_firewall | 2006_9.1.0.33 |
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 12.5 |
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 12.5 |
Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 12.5 |
The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | gateway_security | 5400_2.0 |
| symantec | gateway_security | 360 |
| symantec | gateway_security | 5200_1.0 |
| symantec | gateway_security | 5300_1.0 |
| symantec | gateway_security | 5200 |
| symantec | gateway_security | 5110_1.0 |
| symantec | gateway_security | 320 |
| symantec | gateway_security | 5400_2.0.1 |
| symantec | gateway_security | 360r |
| symantec | gateway_security | 5300 |
| symantec | gateway_security | 5310_1.0 |
| symantec | gateway_security | 1.0 |
| symantec | gateway_security | 5000_series_3.0 |
| symantec | gateway_security | 5110 |
| symantec | gateway_security | 5000_series_2.0.1 |
Symantec LiveState 7.1 Agent for Windows allows local users to gain privileges by stopping the shstart.exe process and open "Web Self-Service" from the system tray icon, which will open a browser window running with elevated privileges. NOTE: several third-party researchers have noted that administrator privileges may be necessary to terminate shstart.exe. If this is the case, then no privilege escalation occurs, and this is not a vulnerability
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | livestate_agent_for_windows | 7.1 |
Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a client system, and execute these files, via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | appstream | 5.2 |
| symantec | appstream | 5.2.2 |
| symantec | appstream | 5.2.3 |
| symantec | appstream | 5.2.1 |
| symantec | workspace_streaming | 6.1 |
The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-306,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_deployment_solution | 6.9.355 |
| symantec | altiris_deployment_solution | * |
Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-312,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_deployment_solution | 6.9.355 |
| symantec | altiris_deployment_solution | * |
Multiple insecure method vulnerabilities in the Symantec.EasySetup.1 ActiveX control in EasySetupInt.dll 14.0.4.30167 in the EasySetup wizard in Symantec Norton Ghost 14.0 allow remote attackers to cause a denial of service (browser crash) and possibly execute arbitrary code via unspecified input to the (1) GetBackupLocationPath, (2) CallUninstall, (3) SetupDeleteVolume, (4) CanUseEasySetup, (5) CallAddInitialProtection, and (6) CallTour methods.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_ghost | 14.0 |
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x exposes an unsafe method, which allows remote attackers to force the download of arbitrary files and possibly execute arbitrary code via the DownloadAndInstall method.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_platform | 7.0 |
| symantec | altiris_notification_server | 6.0 |
| symantec | altiris_deployment_solution | 6.9 |
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager_2007 | * |
| symantec | mail_security | 7.5.8 |
| symantec | mail_security | 6.0.8 |
| symantec | mail_security | 8.0.2 |
| symantec | mail_security | 7.5.6 |
| symantec | mail_security | 5.0.1.189 |
| symantec | mail_security | 5.0.1.182 |
| symantec | mail_security | 5.0.13 |
| symantec | data_loss_prevention_detection_servers | 10.0 |
| symantec | mail_security | 7.5.3.25 |
| symantec | brightmail_gateway | 8.0 |
| symantec | mail_security | 6.0.6 |
| symantec | data_loss_prevention_detection_servers | 9.0.1 |
| symantec | data_loss_prevention_endpoint_agents | 10.0 |
| symantec | mail_security | 8.0 |
| symantec | mail_security | 6.0.7 |
| symantec | mail_security | 7.5.4.29 |
| symantec | mail_security | 8.0.1 |
| ibm | lotus_notes | 8.5 |
| symantec | data_loss_prevention_endpoint_agents | 8.1.1 |
| symantec | data_loss_prevention_detection_servers | 8.1.1 |
| symantec | mail_security | 7.5.7 |
| symantec | mail_security | 5.0.1.181 |
| symantec | mail_security | 7.5.5.32 |
| symantec | mail_security | 5.0.12 |
| symantec | mail_security | 5.0.0 |
| symantec | mail_security | 5.0.11 |
| symantec | data_loss_prevention_endpoint_agents | 9.0.1 |
The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on the Notification Server machine, which allows local users to obtain sensitive information and possibly execute arbitrary code by decrypting and using these credentials.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_notification_server | 6.0 |
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4 |
| symantec | im_manager | 8.3 |
Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_deployment_solution | 6.9 |
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus | 10.0.2 |
| symantec | antivirus | 10.0.8 |
| symantec | antivirus | 10.0.4 |
| symantec | client_security | 3.0.2.2000 |
| symantec | antivirus | 10.0 |
| symantec | antivirus | 10.0.5 |
| symantec | client_security | 3.1.394 |
| symantec | client_security | 3.0.2.2001 |
| symantec | client_security | 3.0.2.2020 |
| symantec | antivirus | 10.1.5.1 |
| symantec | antivirus | 10.1.4 |
| symantec | antivirus | 10.1.6.1 |
| symantec | client_security | 3.0.1.1000 |
| symantec | client_security | 3.0.2.2011 |
| symantec | client_security | 3.0.1.1008 |
| symantec | client_security | 3.0.0.359 |
| symantec | client_security | 3.0.1.1007 |
| symantec | client_security | 3.1.400 |
| symantec | antivirus | 10.0.3 |
| symantec | antivirus | 10.0.2.1 |
| symantec | antivirus | 10.1.7 |
| symantec | antivirus | 10.0.9 |
| symantec | client_security | 3.1 |
| symantec | antivirus | 10.1 |
| symantec | client_security | 3.1.401 |
| symantec | antivirus | 10.1.5 |
| symantec | client_security | 3.1.0.401 |
| symantec | client_security | 3.0.2 |
| symantec | endpoint_protection | 11.0 |
| symantec | antivirus | 10.0.6 |
| symantec | antivirus | 10.1.4.1 |
| symantec | antivirus | 10.0.2.2 |
| symantec | antivirus | 10.0.7 |
| symantec | client_security | 3.0.2.2021 |
| symantec | client_security | 3.0.2.2010 |
| symantec | antivirus | 10.0.1 |
| symantec | antivirus | 10.1.6 |
| symantec | client_security | 3.1.0.396 |
| symantec | antivirus | 10.1.0.1 |
| symantec | antivirus | 10.2 |
| symantec | client_security | 3.0 |
| symantec | antivirus | 10.0.1.1 |
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security | 2007 |
| symantec | client_security | 3.0.2.2000 |
| symantec | client_security | 3.0.2.2002 |
| symantec | client_security | 3.0.2.2001 |
| symantec | client_security | 3.0.1.1009 |
| symantec | norton_antivirus | 2006 |
| symantec | client_security | 3.0.2.2020 |
| symantec | norton_antivirus | 2008 |
| symantec | client_security | 3.0.1.1000 |
| symantec | client_security | 3.0.2.2011 |
| symantec | norton_360 | 2.0 |
| symantec | norton_internet_security | 2006 |
| symantec | client_security | 3.0.1.1008 |
| symantec | norton_360 | 1.0 |
| symantec | client_security | 3.0.1.1007 |
| symantec | client_security | 3.1.400 |
| symantec | client_security | 3.0.1.1001 |
| symantec | client_security | 3.1 |
| symantec | client_security | 3.1.396 |
| symantec | client_security | 3.1.401 |
| symantec | client_security | 3.1.0.401 |
| symantec | client_security | 3.0.2 |
| symantec | client_security | 3.0.2.2021 |
| symantec | norton_antivirus | 2007 |
| symantec | client_security | 3.0.2.2010 |
| symantec | client_security | 3.1.0.396 |
| symantec | client_security | 3.0 |
| symantec | norton_internet_security | 2008 |
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus | 10.0.2 |
| symantec | antivirus | 10.0.8 |
| symantec | antivirus | 10.0.4 |
| symantec | client_security | 3.0.2.2000 |
| symantec | antivirus | 10.0 |
| symantec | antivirus | 10.0.5 |
| symantec | client_security | 3.1.394 |
| symantec | client_security | 3.0.2.2001 |
| symantec | client_security | 3.0.2.2020 |
| symantec | antivirus | 10.1.5.1 |
| symantec | antivirus | 10.1.4 |
| symantec | antivirus | 10.1.6.1 |
| symantec | client_security | 3.0.1.1000 |
| symantec | client_security | 3.0.2.2011 |
| symantec | client_security | 3.0.1.1008 |
| symantec | client_security | 3.0.0.359 |
| symantec | client_security | 3.0.1.1007 |
| symantec | client_security | 3.1.400 |
| symantec | antivirus | 10.0.3 |
| symantec | antivirus | 10.0.2.1 |
| symantec | antivirus | 10.1.7 |
| symantec | antivirus | 10.0.9 |
| symantec | client_security | 3.1 |
| symantec | antivirus | 10.1 |
| symantec | client_security | 3.1.401 |
| symantec | antivirus | 10.1.5 |
| symantec | client_security | 3.1.0.401 |
| symantec | client_security | 3.0.2 |
| symantec | endpoint_protection | 11.0 |
| symantec | antivirus | 10.0.6 |
| symantec | antivirus | 10.1.4.1 |
| symantec | antivirus | 10.0.2.2 |
| symantec | antivirus | 10.0.7 |
| symantec | client_security | 3.0.2.2021 |
| symantec | client_security | 3.0.2.2010 |
| symantec | antivirus | 10.0.1 |
| symantec | antivirus | 10.1.6 |
| symantec | client_security | 3.1.0.396 |
| symantec | antivirus | 10.1.0.1 |
| symantec | antivirus | 10.2 |
| symantec | client_security | 3.0 |
| symantec | antivirus | 10.0.1.1 |
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | system_center | 10.1 |
| symantec | antivirus | 10.0.2 |
| symantec | antivirus | 10.0.8 |
| symantec | antivirus | 10.0.4 |
| symantec | antivirus | 10.0 |
| symantec | antivirus | 10.0.5 |
| symantec | antivirus | 10.1.9 |
| symantec | antivirus | 10.1.5.1 |
| symantec | antivirus | 10.1.4 |
| symantec | antivirus | 10.1.6.1 |
| symantec | antivirus_central_quarantine_server | 3.6 |
| symantec | system_center | 10.0 |
| symantec | antivirus_central_quarantine_server | 3.5 |
| symantec | antivirus | 10.0.3 |
| symantec | antivirus | 10.0.2.1 |
| symantec | antivirus | 10.1.7 |
| symantec | antivirus | 10.0.9 |
| symantec | antivirus | 10.1 |
| symantec | antivirus | 10.1.5 |
| symantec | antivirus | 10.0.1.2 |
| symantec | antivirus | 10.0.6 |
| symantec | antivirus | 10.1.4.1 |
| symantec | antivirus | 10.1.8 |
| symantec | antivirus | 10.0.2.2 |
| symantec | antivirus | 10.0.7 |
| symantec | antivirus | 10.0.1 |
| symantec | antivirus | 10.1.6 |
| symantec | antivirus | 10.1.0.1 |
| symantec | antivirus | 10.2 |
| symantec | antivirus | 10.0.1.1 |
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | system_center | 10.1 |
| symantec | antivirus | 10.0.2 |
| symantec | antivirus | 10.0.8 |
| symantec | antivirus | 10.0.4 |
| symantec | antivirus | 10.0 |
| symantec | antivirus | 10.0.5 |
| symantec | antivirus | 10.1.9 |
| symantec | antivirus | 10.1.5.1 |
| symantec | antivirus | 10.1.4 |
| symantec | antivirus | 10.1.6.1 |
| symantec | antivirus_central_quarantine_server | 3.6 |
| symantec | system_center | 10.0 |
| symantec | antivirus_central_quarantine_server | 3.5 |
| symantec | antivirus | 10.0.3 |
| symantec | antivirus | 10.0.2.1 |
| symantec | antivirus | 10.1.7 |
| symantec | antivirus | 10.0.9 |
| symantec | antivirus | 10.1 |
| symantec | antivirus | 10.1.5 |
| symantec | antivirus | 10.0.1.2 |
| symantec | antivirus | 10.0.6 |
| symantec | antivirus | 10.1.4.1 |
| symantec | antivirus | 10.1.8 |
| symantec | antivirus | 10.0.2.2 |
| symantec | antivirus | 10.0.7 |
| symantec | antivirus | 10.0.1 |
| symantec | antivirus | 10.1.6 |
| symantec | antivirus | 10.1.0.1 |
| symantec | antivirus | 10.2 |
| symantec | antivirus | 10.0.1.1 |
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file; (2) unspecified parameters in a DetailReportGroup (aka DetailReportGroup.lgx) action to rdpageimlogic.aspx; the (3) selclause, (4) whereTrendTimeClause, (5) TrendTypeForReport, (6) whereProtocolClause, or (7) groupClause parameter in a SummaryReportGroup (aka SummaryReportGroup.lgx) action to rdpageimlogic.aspx; the (8) loginTimeStamp, (9) dbo, (10) dateDiffParam, or (11) whereClause parameter in a LoggedInUsers (aka LoggedInUSers.lgx) action to (a) rdpageimlogic.aspx or (b) rdPage.aspx; the (12) selclause, (13) whereTrendTimeClause, (14) TrendTypeForReport, (15) whereProtocolClause, or (16) groupClause parameter to rdpageimlogic.aspx; (17) the groupList parameter to IMAdminReportTrendFormRun.asp; or (18) the email parameter to IMAdminScheduleReport.asp.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4.0 |
| symantec | im_manager | 7.5 |
| symantec | im_manager | 8.3 |
| symantec | im_manager | 7.0 |
| symantec | im_manager | 8.4.1 |
| symantec | im_manager | 8.4.13 |
| symantec | im_manager | 8.4.12 |
| symantec | im_manager | 8.4.6 |
| symantec | im_manager | 8.4.7 |
| symantec | im_manager | 8.4.2 |
| symantec | im_manager | 6.5 |
| symantec | im_manager | 8.4.8 |
| symantec | im_manager | 8.4.10 |
| symantec | im_manager | 8.4.9 |
| symantec | im_manager | 8.4.5 |
| symantec | im_manager | 6.0 |
| symantec | im_manager | * |
| symantec | im_manager | 8.4.11 |
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers to obtain potentially sensitive information by leveraging the ability of a separate crafted application to read these logs.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mobile_security | 1.0 |
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 11.0.4 |
| symantec | endpoint_protection | 11.0.3001 |
| symantec | endpoint_protection | 11.0.1 |
| symantec | endpoint_protection | 11.0.2 |
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 4.5.0.325 |
| symantec | web_gateway | 4.5.0.327 |
| symantec | web_gateway | 4.5.0.326 |
| symantec | web_gateway | 4.5 |
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point conversion in unknown record types.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| autonomy | keyview_export_sdk | 10.9 |
| autonomy | keyview_filter_sdk | 10.4 |
| symantec | mail_security | * |
| autonomy | keyview_export_sdk | 10.4 |
| autonomy | keyview_viewer_sdk | 10.9 |
| autonomy | keyview_viewer_sdk | 10.4 |
| autonomy | keyview_filter_sdk | 10.9 |
Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegString method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | sygate_personal_firewall | 5.6 |
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 11.0.4 |
| symantec | endpoint_protection | 11.0.3001 |
| intel | intel_alert_management_system | * |
| symantec | endpoint_protection | 11.0.1 |
| symantec | endpoint_protection | 11.0.2 |
| symantec | antivirus | 10.1.4.4010 |
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4.0 |
| symantec | im_manager | 7.5 |
| symantec | im_manager | 8.3 |
| symantec | im_manager | 7.0 |
| symantec | im_manager | 8.4.1 |
| symantec | im_manager | 8.4.13 |
| symantec | im_manager | 8.4.12 |
| symantec | im_manager | 8.4.6 |
| symantec | im_manager | 8.4.7 |
| symantec | im_manager | 8.4.2 |
| symantec | im_manager | 6.5 |
| symantec | im_manager | 8.4.8 |
| symantec | im_manager | 8.4.10 |
| symantec | im_manager | 8.4.9 |
| symantec | im_manager | 8.4.5 |
| symantec | im_manager | 6.0 |
| symantec | im_manager | * |
| symantec | im_manager | 8.4.11 |
| symantec | im_manager | 8.4.15 |
Race condition in Symantec Norton Internet Security 2010 17.5.0.127 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_internet_security_2010 | 17.5.0.127 |
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate_administrator | 2.2.2.9 |
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute NDMP commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | backup_exec | 11.0 |
| symantec | backup_exec | 13.0 |
| symantec | backup_exec | 12.5 |
| symantec | backup_exec | 12.0 |
Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | netbackup_puredisk | 6.6.1 |
| symantec | netbackup_puredisk | 6.6.1.1 |
| symantec | veritas_storage_foundation_cluster_file_system_for_oracle_rac | * |
| symantec | netbackup_puredisk | 6.5.1 |
| symantec | veritas_storage_foundation | 5.0 |
| symantec | veritas_storage_foundation_cluster_file_system_for_oracle_rac | 5.0 |
| symantec | netbackup_puredisk | 6.5.0.1 |
| symantec | netbackup_puredisk | 6.5.1.1 |
| symantec | veritas_storage_foundation | * |
| symantec | veritas_dynamic_multi-pathing | 5.1 |
| symantec | netbackup_puredisk | 6.5.1.2 |
| symantec | netbackup_puredisk | 6.6.1.2 |
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_loss_prevention | 7.1 |
| symantec | brightmail_and_messaging_gateway | 5.0 |
| symantec | brightmail_and_messaging_gateway | 9.0.2 |
| symantec | data_loss_prevention | 8.0 |
| symantec | mail_security | 6.0.0 |
| symantec | brightmail_and_messaging_gateway | * |
| symantec | data_loss_prevention | * |
| symantec | data_loss_prevention | 8.1 |
| symantec | brightmail_and_messaging_gateway | 4.0.0 |
| symantec | brightmail_and_messaging_gateway | 8.0 |
| symantec | data_loss_prevention | 11.0 |
| symantec | data_loss_prevention | 10.5.1 |
| symantec | mail_security | 8.0 |
| symantec | brightmail_and_messaging_gateway | 9.0 |
| symantec | brightmail_and_messaging_gateway | 7.7 |
| symantec | data_loss_prevention | 9.0 |
| symantec | data_loss_prevention | 10.5 |
| symantec | data_loss_prevention | 7.2 |
| symantec | data_loss_prevention | 10 |
| symantec | brightmail_and_messaging_gateway | 4.1.0 |
| symantec | data_loss_prevention | 7.0 |
| symantec | mail_security | 7.5 |
| symantec | data_loss_prevention | 8.1.1 |
| symantec | brightmail_and_messaging_gateway | 9.0.1 |
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 4.5.1.34 |
| symantec | web_gateway | 4.5.2.72 |
| symantec | web_gateway | 4.5.2.37 |
| symantec | web_gateway | 4.5.0.326 |
| symantec | web_gateway | 4.5.1.44 |
| symantec | web_gateway | 4.5.4.9 |
| symantec | web_gateway | 4.5 |
| symantec | web_gateway | 4.5.2.65 |
| symantec | web_gateway | 4.5.3.38 |
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec IM Manager before 8.4.18 allow remote attackers to inject arbitrary web script or HTML via the (1) refreshRateSetting parameter to IMManager/Admin/IMAdminSystemDashboard.asp, the (2) nav or (3) menuitem parameter to IMManager/Admin/IMAdminTOC_simple.asp, or the (4) action parameter to IMManager/Admin/IMAdminEdituser.asp.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4.16 |
| symantec | im_manager | 8.4.0 |
| symantec | im_manager | 7.5 |
| symantec | im_manager | 8.3 |
| symantec | im_manager | 7.0 |
| symantec | im_manager | 8.4.1 |
| symantec | im_manager | 8.4.13 |
| symantec | im_manager | 8.4.12 |
| symantec | im_manager | 8.4.6 |
| symantec | im_manager | 8.4.7 |
| symantec | im_manager | 8.4.2 |
| symantec | im_manager | 6.5 |
| symantec | im_manager | 8.4.8 |
| symantec | im_manager | 8.4.10 |
| symantec | im_manager | 8.4.9 |
| symantec | im_manager | 8.4.5 |
| symantec | im_manager | 6.0 |
| symantec | im_manager | * |
| symantec | im_manager | 8.4.11 |
| symantec | im_manager | 8.4.15 |
SQL injection vulnerability in the management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4.16 |
| symantec | im_manager | 8.4.0 |
| symantec | im_manager | 7.5 |
| symantec | im_manager | 8.3 |
| symantec | im_manager | 7.0 |
| symantec | im_manager | 8.4.1 |
| symantec | im_manager | 8.4.13 |
| symantec | im_manager | 8.4.12 |
| symantec | im_manager | 8.4.6 |
| symantec | im_manager | 8.4.7 |
| symantec | im_manager | 8.4.2 |
| symantec | im_manager | 6.5 |
| symantec | im_manager | 8.4.8 |
| symantec | im_manager | 8.4.10 |
| symantec | im_manager | 8.4.9 |
| symantec | im_manager | 8.4.5 |
| symantec | im_manager | 6.0 |
| symantec | im_manager | * |
| symantec | im_manager | 8.4.11 |
| symantec | im_manager | 8.4.15 |
The management console in Symantec IM Manager before 8.4.18 allows remote attackers to execute arbitrary code via unspecified vectors, related to a "code injection issue."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | im_manager | 8.4.16 |
| symantec | im_manager | 8.4.0 |
| symantec | im_manager | 7.5 |
| symantec | im_manager | 8.3 |
| symantec | im_manager | 7.0 |
| symantec | im_manager | 8.4.1 |
| symantec | im_manager | 8.4.13 |
| symantec | im_manager | 8.4.12 |
| symantec | im_manager | 8.4.6 |
| symantec | im_manager | 8.4.7 |
| symantec | im_manager | 8.4.2 |
| symantec | im_manager | 6.5 |
| symantec | im_manager | 8.4.8 |
| symantec | im_manager | 8.4.10 |
| symantec | im_manager | 8.4.9 |
| symantec | im_manager | 8.4.5 |
| symantec | im_manager | 6.0 |
| symantec | im_manager | * |
| symantec | im_manager | 8.4.11 |
| symantec | im_manager | 8.4.15 |
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | system_center | 10.1 |
| symantec | antivirus | 10.0.2 |
| symantec | antivirus | 10.0.8 |
| symantec | antivirus | 10.0.4 |
| symantec | antivirus | 10.0 |
| symantec | antivirus | 10.0.5 |
| symantec | antivirus | 10.1.9 |
| symantec | antivirus | 10.1.5.1 |
| symantec | antivirus | 10.1.4 |
| symantec | antivirus | 10.1.6.1 |
| symantec | antivirus_central_quarantine_server | 3.6 |
| symantec | system_center | 10.0 |
| symantec | antivirus_central_quarantine_server | 3.5 |
| symantec | antivirus | 10.0.3 |
| symantec | antivirus | 10.0.2.1 |
| symantec | antivirus | 10.1.7 |
| symantec | antivirus | 10.0.9 |
| symantec | antivirus | 10.1 |
| symantec | antivirus | 10.1.5 |
| symantec | antivirus | 10.0.1.2 |
| symantec | antivirus | 10.0.6 |
| symantec | antivirus | 10.1.4.1 |
| symantec | antivirus | 10.1.8 |
| symantec | antivirus | 10.0.2.2 |
| symantec | antivirus | 10.0.7 |
| symantec | antivirus | 10.0.1 |
| symantec | antivirus | 10.1.6 |
| symantec | antivirus | 10.1.0.1 |
| symantec | antivirus | 10.2 |
| symantec | antivirus | 10.0.1.1 |
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the username field, as demonstrated by injecting an IFRAME element into the event log, a different vulnerability than CVE-2011-0545.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate_administrator | * |
| symantec | liveupdate_administrator | 2.1.2 |
| symantec | liveupdate_administrator | 2.1.0 |
| symantec | liveupdate_administrator | 2.2.2 |
| symantec | liveupdate_administrator | 2.1.3 |
| symantec | liveupdate_administrator | 2.2.1 |
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 12.6.7580 |
| symantec | pcanywhere | 12.5 |
| symantec | pcanywhere | 12.5.539 |
| symantec | pcanywhere | 12.6.65 |
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 12.6.7580 |
| symantec | pcanywhere | 12.5 |
| symantec | pcanywhere | 12.5.539 |
| symantec | pcanywhere | 12.6.65 |
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.7100 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | network_access_control | 11.0.6200 |
| symantec | network_access_control | 11.0.7000 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
| symantec | endpoint_protection | 11.0.7000 |
| symantec | endpoint_protection | 11.0.6200 |
| symantec | network_access_control | 11.0.6000 |
| symantec | network_access_control | 11.0.7100 |
| symantec | network_access_control | 11.0.6100 |
| symantec | network_access_control | 11.0.6300 |
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 12.5.265 |
| symantec | pcanywhere | 11.5.1 |
| symantec | pcanywhere | 11.5 |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.6 |
| symantec | pcanywhere | * |
| symantec | pcanywhere | 12.5.539 |
| symantec | pcanywhere | 12.6.65 |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.5 |
| symantec | pcanywhere | 8.0 |
| symantec | pcanywhere | 9.2 |
| symantec | pcanywhere | 5.0 |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.6 |
| symantec | pcanywhere | 12.1 |
| symantec | pcanywhere | 12.6.7580 |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.5 |
| symantec | pcanywhere | 12.5 |
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 12.5.265 |
| symantec | pcanywhere | 11.5.1 |
| symantec | pcanywhere | 11.5 |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.1 |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.0 |
| symantec | pcanywhere | 12.5.3 |
| symantec | altiris_client_management_suite_pcanywhere_solution | 7.0 |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 7.1 |
| symantec | pcanywhere | * |
| symantec | pcanywhere | 12.5.539 |
| symantec | pcanywhere | 11.0 |
| symantec | pcanywhere | 12.0.1 |
| symantec | pcanywhere | 12.0.3 |
| symantec | pcanywhere | 12.1 |
| symantec | pcanywhere | 12.0 |
| symantec | pcanywhere | 10.0 |
| symantec | pcanywhere | 12.5 |
| symantec | pcanywhere | 12.0.2 |
| symantec | pcanywhere | 11.0.1 |
The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pcanywhere | 10.5 |
| symantec | pcanywhere | 12.5.265 |
| symantec | pcanywhere | 11.5.1 |
| symantec | pcanywhere | 11.5 |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.1 |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.0 |
| symantec | pcanywhere | 12.5.3 |
| symantec | altiris_client_management_suite_pcanywhere_solution | 7.0 |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 7.1 |
| symantec | pcanywhere | * |
| symantec | pcanywhere | 12.5.539 |
| symantec | altiris_climentent_manage_suite_pcanywhere_solution | 7.1 |
| symantec | pcanywhere | 11.0 |
| symantec | pcanywhere | 12.0.1 |
| symantec | pcanywhere | 12.0.3 |
| symantec | pcanywhere | 12.1 |
| symantec | pcanywhere | 12.0 |
| symantec | pcanywhere | 10.0 |
| symantec | pcanywhere | 12.5 |
| symantec | pcanywhere | 12.0.2 |
| symantec | pcanywhere | 11.0.1 |
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_wise_package_studio | 7.0 |
| symantec | altiris_wise_package_studio | * |
| symantec | altiris_wise_package_studio | 7 |
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1.671 |
| symantec | endpoint_protection | 12.1.1000 |
| symantec | endpoint_protection | 12.1 |
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1.671 |
| symantec | endpoint_protection | 12.1.1000 |
| symantec | endpoint_protection | 12.1 |
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway | 5.0.2 |
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway | 5.0.2 |
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway | 5.0.2 |
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway | 5.0.2 |
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_filter | * |
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_filter | * |
Cross-site scripting (XSS) vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_filter | 6.3 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) execute application commands or (2) create admin accounts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_filter | * |
Symantec LiveUpdate Administrator before 2.3.1 uses weak permissions (Everyone: Full Control) for the installation directory, which allows local users to gain privileges via a Trojan horse file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate_administrator | * |
| symantec | liveupdate_administrator | 1.5.7.19 |
| symantec | liveupdate_administrator | 2.1.2 |
| symantec | liveupdate_administrator | 1.5.4 |
| symantec | liveupdate_administrator | 2.2.2.9 |
| symantec | liveupdate_administrator | 2.1.0 |
| symantec | liveupdate_administrator | 2.2.2 |
| symantec | liveupdate_administrator | 2.1.3 |
| symantec | liveupdate_administrator | 2.2.1 |
| symantec | liveupdate_administrator | 1.5.3.21 |
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| cat | quick_heal | 11.00 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eset | nod32_antivirus | 5795 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| antiy | avl_sdk | 2.0.3.7 |
| trendmicro | housecall | 9.120.0.1004 |
| mcafee | gateway | 2010.1c |
| symantec | endpoint_protection | 11.0 |
| avira | antivir | 7.11.1.163 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rising-global | rising_antivirus | 22.83.00.03 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| gdata-software | g_data_antivirus | 21 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| k7computing | antivirus | 9.77.3565 |
| microsoft | security_essentials | 2.0 |
| clamav | clamav | 0.96.4 |
| mcafee | gateway | 2010.1c |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| avg | avg_anti-virus | 10.0.0.1190 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| alwil | avast_antivirus | 5.0.677.0 |
| emsisoft | anti-malware | 5.1.0.1 |
| authentium | command_antivirus | 5.2.11.5 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| eset | nod32_antivirus | 5795 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| alwil | avast_antivirus | 4.8.1351.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| virusbuster | virusbuster | 13.6.151.0 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| comodo | comodo_antivirus | 7424 |
| anti-virus | vba32 | 3.12.14.2 |
| antiy | avl_sdk | 2.0.3.7 |
| trendmicro | housecall | 9.120.0.1004 |
| symantec | endpoint_protection | 11.0 |
| avira | antivir | 7.11.1.163 |
| bitdefender | bitdefender | 7.2 |
| aladdin | esafe | 7.0.17.0 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| sophos | sophos_anti-virus | 4.61.0 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fortinet | fortinet_antivirus | 4.2.254.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| antiy | avl_sdk | 2.0.3.7 |
| ca | etrust_vet_antivirus | 36.1.8511 |
| mcafee | gateway | 2010.1c |
| symantec | endpoint_protection | 11.0 |
| aladdin | esafe | 7.0.17.0 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| sophos | sophos_anti-virus | 4.61.0 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eset | nod32_antivirus | 5795 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| comodo | comodo_antivirus | 7424 |
| trendmicro | housecall | 9.120.0.1004 |
| mcafee | gateway | 2010.1c |
| symantec | endpoint_protection | 11.0 |
| aladdin | esafe | 7.0.17.0 |
| avg | avg_anti-virus | 10.0.0.1190 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| sophos | sophos_anti-virus | 4.61.0 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rising-global | rising_antivirus | 22.83.00.03 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| gdata-software | g_data_antivirus | 21 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| k7computing | antivirus | 9.77.3565 |
| microsoft | security_essentials | 2.0 |
| clamav | clamav | 0.96.4 |
| mcafee | gateway | 2010.1c |
| avg | avg_anti-virus | 10.0.0.1190 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| alwil | avast_antivirus | 5.0.677.0 |
| emsisoft | anti-malware | 5.1.0.1 |
| authentium | command_antivirus | 5.2.11.5 |
| eset | nod32_antivirus | 5795 |
| alwil | avast_antivirus | 4.8.1351.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| virusbuster | virusbuster | 13.6.151.0 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| anti-virus | vba32 | 3.12.14.2 |
| antiy | avl_sdk | 2.0.3.7 |
| trendmicro | housecall | 9.120.0.1004 |
| symantec | endpoint_protection | 11.0 |
| avira | antivir | 7.11.1.163 |
| bitdefender | bitdefender | 7.2 |
| aladdin | esafe | 7.0.17.0 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| rising-global | rising_antivirus | 22.83.00.03 |
| pc_tools | pc_tools_antivirus | 7.0.3.5 |
| gdata-software | g_data_antivirus | 21 |
| f-prot | f-prot_antivirus | 4.6.2.117 |
| k7computing | antivirus | 9.77.3565 |
| microsoft | security_essentials | 2.0 |
| clamav | clamav | 0.96.4 |
| mcafee | gateway | 2010.1c |
| nprotect | nprotect_antivirus | 2011-01-17.01 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| avg | avg_anti-virus | 10.0.0.1190 |
| mcafee | scan_engine | 5.400.0.1158 |
| cat | quick_heal | 11.00 |
| alwil | avast_antivirus | 5.0.677.0 |
| emsisoft | anti-malware | 5.1.0.1 |
| authentium | command_antivirus | 5.2.11.5 |
| pandasecurity | panda_antivirus | 10.0.2.7 |
| eset | nod32_antivirus | 5795 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| alwil | avast_antivirus | 4.8.1351.0 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| virusbuster | virusbuster | 13.6.151.0 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| comodo | comodo_antivirus | 7424 |
| anti-virus | vba32 | 3.12.14.2 |
| antiy | avl_sdk | 2.0.3.7 |
| trendmicro | housecall | 9.120.0.1004 |
| symantec | endpoint_protection | 11.0 |
| avira | antivir | 7.11.1.163 |
| bitdefender | bitdefender | 7.2 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| sophos | sophos_anti-virus | 4.61.0 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eset | nod32_antivirus | 5795 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| rising-global | rising_antivirus | 22.83.00.03 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| k7computing | antivirus | 9.77.3565 |
| norman | norman_antivirus_&_antispyware | 6.06.12 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| anti-virus | vba32 | 3.12.14.2 |
| trendmicro | housecall | 9.120.0.1004 |
| mcafee | gateway | 2010.1c |
| symantec | endpoint_protection | 11.0 |
| f-secure | f-secure_anti-virus | 9.0.16160.0 |
| bitdefender | bitdefender | 7.2 |
| avg | avg_anti-virus | 10.0.0.1190 |
| mcafee | scan_engine | 5.400.0.1158 |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
| emsisoft | anti-malware | 5.1.0.1 |
| sophos | sophos_anti-virus | 4.61.0 |
| authentium | command_antivirus | 5.2.11.5 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| fortinet | fortinet_antivirus | 4.2.254.0 |
| aladdin | esafe | 7.0.17.0 |
| avg | avg_anti-virus | 10.0.0.1190 |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 |
| cat | quick_heal | 11.00 |
| emsisoft | anti-malware | 5.1.0.1 |
| jiangmin | jiangmin_antivirus | 13.0.900 |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 |
| ahnlab | v3_internet_security | 2011.01.18.00 |
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.7100 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
| symantec | endpoint_protection | 11.0.7000 |
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ibm | notes | * |
| symantec | data_loss_prevention_endpoint | * |
| symantec | messaging_gateway | * |
| ibm | domino | * |
| symantec | mail_security | * |
| hp | autonomy_keyview_idol | * |
| symantec | mail_security | 6.5.7 |
| symantec | data_loss_prevention_enforce/detection_servers | * |
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.0.3 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | netbackup_appliance | 2.0.0 |
Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | enterprise_vault_for_file_system_archiving | 10.0.0 |
| symantec | enterprise_vault_for_file_system_archiving | * |
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.0.3 |
| symantec | pgp_desktop | 10.2.2 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | brightmail_gateway | 9.5 |
| symantec | brightmail_gateway | 9.5.1 |
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_center | 12.0.0 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | endpoint_protection_manager | 12.1.1 |
| symantec | endpoint_protection_center | 12.0.1 |
SQL injection vulnerability in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_information_manager_appliance | - |
| symantec | security_information_manager | 4.7.1 |
| symantec | security_information_manager | 4.7.3 |
| symantec | security_information_manager | 4.8.0 |
| symantec | security_information_manager | 4.7.4 |
| symantec | security_information_manager | 4.7.0 |
| symantec | security_information_manager | 4.7.2 |
Multiple cross-site scripting (XSS) vulnerabilities in the management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_information_manager_appliance | - |
| symantec | security_information_manager | 4.7.1 |
| symantec | security_information_manager | 4.7.3 |
| symantec | security_information_manager | 4.8.0 |
| symantec | security_information_manager | 4.7.4 |
| symantec | security_information_manager | 4.7.0 |
| symantec | security_information_manager | 4.7.2 |
The management console (aka Java console) on the Symantec Security Information Manager (SSIM) appliance 4.7.x and 4.8.x before 4.8.1 allows remote attackers to obtain sensitive information via unspecified web-GUI API calls.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_information_manager_appliance | - |
| symantec | security_information_manager | 4.7.1 |
| symantec | security_information_manager | 4.7.3 |
| symantec | security_information_manager | 4.8.0 |
| symantec | security_information_manager | 4.7.4 |
| symantec | security_information_manager | 4.7.0 |
| symantec | security_information_manager | 4.7.2 |
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | backup_exec | 2012 |
| symantec | backup_exec | 2010 |
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 does not properly implement RADIUS authentication, which allows remote attackers to execute arbitrary code by leveraging access to the login prompt.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | 5.0.1 |
| symantec | web_gateway | * |
| symantec | web_gateway | 5.0 |
| symantec | web_gateway_appliance_8450 | - |
| symantec | web_gateway | 5.0.3.18 |
| symantec | web_gateway_appliance_8490 | - |
| symantec | web_gateway | 5.0.2 |
| symantec | web_gateway | 5.0.3 |
Cross-site scripting (XSS) vulnerability in the Web Email Protection component in Symantec Encryption Management Server (formerly Symantec PGP Universal Server) before 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-mail attachment.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_universal_server | 3.2.0 |
| symantec | encryption_management_server | * |
| symantec | encryption_management_server | 3.3.0 |
| symantec | pgp_universal_server | 3.2.1 |
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) custom-reports generation page, (2) Storage Devices creation page, or (3) jobs creation page in the management console; or (4) a Backup Exec server-management page in the beutility console.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | backup_exec | 2012 |
| symantec | backup_exec | 2010_r3 |
Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 uses weak permissions (Everyone: Read and Everyone: Change) for backup data files, which allows local users to obtain sensitive information or modify the outcome of a restore via direct access to these files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | backup_exec | 2012 |
| symantec | backup_exec | 2010_r3 |
| symantec | backup_exec | 2010 |
The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | backup_exec | 2012 |
| symantec | backup_exec | 2010_r3 |
| symantec | backup_exec | 2010 |
Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | workspace_virtualization | * |
The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive information about package-server access, or cause a denial of service, by leveraging knowledge of this key.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_platform | 7.0 |
| symantec | management_platform | 7.1 |
The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.7100 |
| symantec | endpoint_protection | 11.0.1 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.2 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection | 11.0.7000 |
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 11.0.4 |
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.3001 |
The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.7100 |
| symantec | endpoint_protection | 11.0.1 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.2 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection | 11.0.7000 |
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 11.0.4 |
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.3001 |
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0.7100 |
| symantec | endpoint_protection | 11.0.1 |
| symantec | endpoint_protection | 11.0.6200.754 |
| symantec | endpoint_protection | 11.0.6300 |
| symantec | endpoint_protection | 11.0.2 |
| symantec | endpoint_protection | 11.0.6000 |
| symantec | endpoint_protection | 11.0.6100 |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection | 11.0.7000 |
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 11.0.4 |
| symantec | endpoint_protection | 11.0.6200 |
| symantec | endpoint_protection | 11.0.3001 |
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
Multiple cross-site scripting (XSS) vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.2 allow remote attackers to inject arbitrary web script or HTML via (1) vectors involving PHP scripts and (2) unspecified other vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 11.0 |
| symantec | endpoint_protection_manager | 12.1.3 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | protection_center | 12.0 |
| symantec | endpoint_protection_manager | 12.1.1 |
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 11.0 |
| symantec | endpoint_protection_manager | 12.1.3 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | protection_center | 12.0 |
| symantec | endpoint_protection_manager | 12.1.1 |
SNMPConfig.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote attackers to execute arbitrary commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
The Web Email Protection component in Symantec Encryption Management Server (aka PGP Universal Server) before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
| symantec | encryption_management_server | 3.3.0 |
The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by providing the e-mail address associated with a user account.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate_administrator | 2.3.1 |
| symantec | liveupdate_administrator | * |
| symantec | liveupdate_administrator | 2.1.2 |
| symantec | liveupdate_administrator | 2.2.2.9 |
| symantec | liveupdate_administrator | 2.1.0 |
| symantec | liveupdate_administrator | 2.2.2 |
| symantec | liveupdate_administrator | 2.1.3 |
| symantec | liveupdate_administrator | 2.2.1 |
| symantec | liveupdate_administrator | 2.3.0 |
SQL injection vulnerability in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | liveupdate_administrator | 2.3.1 |
| symantec | liveupdate_administrator | * |
| symantec | liveupdate_administrator | 2.1.2 |
| symantec | liveupdate_administrator | 2.2.2.9 |
| symantec | liveupdate_administrator | 2.1.0 |
| symantec | liveupdate_administrator | 2.2.2 |
| symantec | liveupdate_administrator | 2.1.3 |
| symantec | liveupdate_administrator | 2.2.1 |
| symantec | liveupdate_administrator | 2.3.0 |
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform memory copies, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.
CVSS 2.0
Severity: LOW
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | encryption_desktop | 10.3.1 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.2 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.2.2 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.0.3 |
Symantec PGP Desktop 10.0.x through 10.2.x and Encryption Desktop Professional 10.3.x before 10.3.2 MP1 do not properly perform block-data moves, which allows remote attackers to cause a denial of service (read access violation and application crash) via a malformed certificate.
CVSS 2.0
Severity: LOW
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | encryption_desktop | 10.3.1 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.2 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.2.2 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.0.3 |
Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x before 10.5.2 allows remote attackers to inject arbitrary web script or HTML via the displayTab parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | 10.0 |
| symantec | messaging_gateway | 10.0.1 |
| symantec | messaging_gateway | 10.0.2 |
| symantec | messaging_gateway | 10.5.0 |
| symantec | messaging_gateway | 10.5.1 |
| symantec | messaging_gateway | 10.0.3 |
The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sending a crafted XMLRPC request over HTTPS.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | workspace_streaming | * |
| symantec | workspace_streaming | 6.1 |
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) before 5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
| symantec | web_gateway | 5.1 |
Multiple cross-site scripting (XSS) vulnerabilities in the management console in Symantec Web Gateway (SWG) before 5.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified report parameters.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
| symantec | web_gateway | 5.1 |
Symantec PGP Desktop 10.x, and Encryption Desktop Professional 10.3.x before 10.3.2 MP2, on OS X uses world-writable permissions for temporary files, which allows local users to bypass intended restrictions on file reading, modification, creation, and permission changes via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | encryption_desktop | 10.3.1 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.2 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.2.2 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.0.3 |
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_insight | 3.0 |
| symantec | data_insight | 3.0.1 |
| symantec | data_insight | 4.0 |
Cross-site scripting (XSS) vulnerability in the management console in Symantec Data Insight 3.x and 4.x before 4.5 allows remote attackers to inject arbitrary web script or HTML via an unspecified form field, related to an "HTML script injection" issue.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_insight | 3.0 |
| symantec | data_insight | 3.0.1 |
| symantec | data_insight | 4.0 |
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted encrypted e-mail message that decompresses to a larger size.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-310,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | pgp_desktop | 10.1.1 |
| symantec | encryption_desktop | 10.3.1 |
| symantec | pgp_desktop | 10.2.1 |
| symantec | encryption_desktop | 10.3.2 |
| symantec | encryption_desktop | 10.3.0 |
| symantec | pgp_desktop | 10.2.2 |
| symantec | pgp_desktop | 10.0.2 |
| symantec | pgp_desktop | 10.2.0 |
| symantec | pgp_desktop | 10.1.2 |
| symantec | pgp_desktop | 10.0.0 |
| symantec | pgp_desktop | 10.0.1 |
| symantec | pgp_desktop | 10.1.0 |
| symantec | pgp_desktop | 10.0.3 |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 12.1.3 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | endpoint_protection_manager | 12.1.1 |
Multiple cross-site scripting (XSS) vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 12.1.3 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | endpoint_protection_manager | 12.1.1 |
ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 12.1.3 |
| symantec | endpoint_protection_manager | 12.1.0 |
| symantec | endpoint_protection_manager | 12.1.2 |
| symantec | endpoint_protection_manager | 12.1.1 |
The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging client-system access to upload a log file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| broadcom | symantec_critical_system_protection | 5.2.9 |
| symantec | data_center_security | 6.0.0 |
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | deployment_solution | * |
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
| symantec | pgp_universal_server | * |
Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allow remote authenticated administrators to execute arbitrary shell commands via a crafted command line in a database-backup restore action.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
| symantec | pgp_universal_server | * |
SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| broadcom | symantec_critical_system_protection | 5.2.9 |
| symantec | data_center_security | 6.0.0 |
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| broadcom | symantec_critical_system_protection | 5.2.9 |
| symantec | data_center_security | 6.0.0 |
The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to obtain sensitive server information via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| broadcom | symantec_critical_system_protection | 5.2.9 |
| symantec | data_center_security | 6.0.0 |
The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| broadcom | symantec_critical_system_protection | 5.2.9 |
| symantec | data_center_security | 6.0.0 |
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
Cross-site scripting (XSS) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_loss_prevention | * |
Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX allows remote attackers to execute arbitrary JavaScript code via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | netbackup_opscenter | 7.6.1 |
| symantec | netbackup_opscenter | 7.6.0.4 |
| symantec | netbackup_opscenter | 7.6.0.3 |
| symantec | netbackup_opscenter | 7.6.0.2 |
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | workspace_streaming | 6.1 |
| symantec | workspace_streaming | 7.5 |
Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_loss_prevention | * |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 12.1.0 |
The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5, 6.5 before 6.5.7.1, and 6.6 before 6.6.2.1 forwards authentication challenges from upstream origin content servers (OCS) when used in an explicit proxy deployment, which makes it easier for remote attackers to obtain sensitive information via a 407 (aka Proxy Authentication Required) HTTP status code, as demonstrated when using NTLM authentication.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | proxysg_firmware | * |
Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attackers to bypass a virtual machine protection mechanism and consequently write to arbitrary files, cause a denial of service (host reboot or reset to factory defaults), or execute arbitrary code via vectors related to saving files during analysis.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | malware_analyzer_g2 | * |
| symantec | malware_analysis_appliance | * |
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | ghost_solutions_suite | 1.1 |
| symantec | ghost_solutions_suite | 2.0.1 |
| symantec | ghost_solutions_suite | 2.0.2 |
| symantec | deployment_solution | 6.9 |
| symantec | ghost_solutions_suite | 1.0 |
| symantec | ghost_solutions_suite | 2.0 |
| symantec | ghost_solutions_suite | 2.1 |
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated an attack against admin_messages.php.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper Sudo configuration to make this a setuid-root file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands at boot time via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | netbackup_opscenter | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption (SEE) before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | 11.0.0 |
| symantec | endpoint_encryption | 11.0 |
| symantec | endpoint_encryption | 11.0.1 |
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
CVSS 2.0
Severity: LOW
Problem Type: CWE-254,CWE-284,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Management Suite (ITMS) through 7.6 HF7 allows local users to bypass intended application-blacklist restrictions via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | altiris_it_management_suite | * |
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
CVSS 2.0
Severity: LOW
Problem Type: CWE-255,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | 10.6.0 |
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-74,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | 10.6.0 |
| symantec | messaging_gateway | * |
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | workspace_streaming | 7.5.0 |
| symantec | workspace_virtualization | 7.6.0 |
| symantec | workspace_virtualization | 7.5.0 |
| symantec | workspace_streaming | 7.6.0 |
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrary files by modifying the file-download configuration file.
CVSS 2.0
Severity: LOW
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | workspace_streaming | 7.5.0 |
| symantec | workspace_virtualization | 7.6.0 |
| symantec | workspace_virtualization | 7.5.0 |
| symantec | workspace_streaming | 7.6.0 |
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | data_center_security_server | 6.5 |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | protection_engine | * |
| symantec | protection_for_sharepoint_servers | 6.06 |
| symantec | protection_for_sharepoint_servers | 6.03 |
| symantec | data_center_security_server | 6.0 |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | protection_for_sharepoint_servers | 6.04 |
| symantec | norton_security | * |
| symantec | protection_for_sharepoint_servers | 6.05 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | anti-virus_engine | * |
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | data_center_security_server | 6.5 |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | protection_engine | * |
| symantec | protection_for_sharepoint_servers | 6.06 |
| symantec | protection_for_sharepoint_servers | 6.03 |
| symantec | data_center_security_server | 6.0 |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | protection_for_sharepoint_servers | 6.04 |
| symantec | norton_security | * |
| symantec | protection_for_sharepoint_servers | 6.05 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | data_center_security_server | 6.5 |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | protection_engine | * |
| symantec | protection_for_sharepoint_servers | 6.06 |
| symantec | protection_for_sharepoint_servers | 6.03 |
| symantec | data_center_security_server | 6.0 |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | protection_for_sharepoint_servers | 6.04 |
| symantec | norton_security | * |
| symantec | protection_for_sharepoint_servers | 6.05 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | data_center_security_server | 6.5 |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | protection_engine | * |
| symantec | protection_for_sharepoint_servers | 6.06 |
| symantec | protection_for_sharepoint_servers | 6.03 |
| symantec | data_center_security_server | 6.0 |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | protection_for_sharepoint_servers | 6.04 |
| symantec | norton_security | * |
| symantec | protection_for_sharepoint_servers | 6.05 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_center_security_server | 6.0 |
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | message_gateway | * |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | protection_for_sharepoint_servers | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | data_center_security_server | 6.5 |
| symantec | norton_security | * |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | * |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_center_security_server | 6.0 |
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | message_gateway | * |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | protection_for_sharepoint_servers | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | data_center_security_server | 6.5 |
| symantec | norton_security | * |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | * |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_center_security_server | 6.0 |
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | message_gateway_for_service_providers | 10.6 |
| symantec | message_gateway | * |
| symantec | ngc | * |
| symantec | norton_security_with_backup | * |
| symantec | protection_for_sharepoint_servers | * |
| symantec | norton_antivirus | * |
| symantec | norton_bootable_removal_tool | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | data_center_security_server | 6.5 |
| symantec | norton_security | * |
| symantec | mail_security_for_microsoft_exchange | 6.5.8 |
| symantec | endpoint_protection | 12.1.6 |
| symantec | norton_power_eraser | * |
| symantec | data_center_security_server | 6.6 |
| symantec | protection_engine | * |
| symantec | protection_engine | 7.8.0 |
| symantec | message_gateway_for_service_providers | 10.5 |
| symantec | advanced_threat_protection | * |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,CWE-254,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE) file.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | client_intrusion_detection_system | * |
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | email_security.cloud | - |
| symantec | mail_security_for_microsoft_exchange | 7.5.1 |
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | endpoint_protection_for_small_business | - |
| symantec | mail_security_for_microsoft_exchange | 7.5.3 |
| symantec | mail_security_for_microsoft_exchange | 7.0.2 |
| symantec | protection_for_sharepoint_servers | 6.0.6 |
| symantec | mail_security_for_microsoft_exchange | 7.0.3 |
| symantec | protection_engine | 7.5.2 |
| symantec | protection_engine | 7.5.1 |
| symantec | endpoint_protection_for_small_business | * |
| symantec | messaging_gateway_for_service_providers | 10.5 |
| symantec | protection_for_sharepoint_servers | 6.0.7 |
| symantec | protection_engine | 7.5.0 |
| symantec | messaging_gateway | * |
| symantec | protection_for_sharepoint_servers | 6.0.3 |
| symantec | protection_engine | * |
| symantec | protection_engine | 7.5.5 |
| symantec | protection_for_sharepoint_servers | 6.0.4 |
| symantec | web_gateway | - |
| symantec | mail_security_for_domino | 8.1.2 |
| symantec | mail_security_for_domino | 8.1.3 |
| symantec | mail_security_for_microsoft_exchange | 7.0 |
| symantec | mail_security_for_microsoft_exchange | 7.5.2 |
| symantec | endpoint_protection | * |
| symantec | mail_security_for_microsoft_exchange | 7.5.4 |
| symantec | protection_engine | 7.5.3 |
| symantec | protection_engine | 7.5.4 |
| symantec | mail_security_for_microsoft_exchange | 7.0.1 |
| symantec | mail_security_for_microsoft_exchange | 7.5 |
| symantec | endpoint_protection_cloud | - |
| broadcom | symantec_data_center_security_server | - |
| symantec | protection_for_sharepoint_servers | 6.0.5 |
| symantec | web_security.cloud | - |
| symantec | protection_engine | 7.8.0 |
| symantec | advanced_threat_protection | - |
| symantec | messaging_gateway_for_service_providers | 10.6 |
| symantec | mail_security_for_microsoft_exchange | 7.0.4 |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-787,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | email_security.cloud | - |
| symantec | mail_security_for_microsoft_exchange | 7.5.1 |
| symantec | mail_security_for_microsoft_exchange | * |
| symantec | endpoint_protection_for_small_business | - |
| symantec | mail_security_for_microsoft_exchange | 7.5.3 |
| symantec | mail_security_for_microsoft_exchange | 7.0.2 |
| symantec | protection_for_sharepoint_servers | 6.0.6 |
| symantec | mail_security_for_microsoft_exchange | 7.0.3 |
| symantec | protection_engine | 7.5.2 |
| symantec | protection_engine | 7.5.1 |
| symantec | endpoint_protection_for_small_business | * |
| symantec | messaging_gateway_for_service_providers | 10.5 |
| symantec | protection_for_sharepoint_servers | 6.0.7 |
| symantec | protection_engine | 7.5.0 |
| symantec | messaging_gateway | * |
| symantec | protection_for_sharepoint_servers | 6.0.3 |
| symantec | protection_engine | * |
| symantec | protection_engine | 7.5.5 |
| symantec | protection_for_sharepoint_servers | 6.0.4 |
| symantec | web_gateway | - |
| symantec | mail_security_for_domino | 8.1.2 |
| symantec | mail_security_for_domino | 8.1.3 |
| symantec | mail_security_for_microsoft_exchange | 7.0 |
| symantec | mail_security_for_microsoft_exchange | 7.5.2 |
| symantec | endpoint_protection | * |
| symantec | mail_security_for_microsoft_exchange | 7.5.4 |
| symantec | protection_engine | 7.5.3 |
| symantec | protection_engine | 7.5.4 |
| symantec | mail_security_for_microsoft_exchange | 7.0.1 |
| symantec | mail_security_for_microsoft_exchange | 7.5 |
| symantec | endpoint_protection_cloud | - |
| broadcom | symantec_data_center_security_server | - |
| symantec | protection_for_sharepoint_servers | 6.0.5 |
| symantec | web_security.cloud | - |
| symantec | protection_engine | 7.8.0 |
| symantec | advanced_threat_protection | - |
| symantec | messaging_gateway_for_service_providers | 10.6 |
| symantec | mail_security_for_microsoft_exchange | 7.0.4 |
| symantec | mail_security_for_domino | * |
| symantec | csapi | * |
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_family | * |
| symantec | norton_security_with_backup | * |
| symantec | norton_antivirus_with_backup | * |
| symantec | norton_antivirus | * |
| symantec | norton_360 | * |
| symantec | norton_internet_security | * |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection_cloud | * |
| symantec | norton_security | * |
Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.ChartStream.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
Symantec Web Gateway (SWG) before 5.2.5 allows remote authenticated users to execute arbitrary OS commands.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_gateway | * |
A Denial of Service vulnerability exists in Symantec Norton Mobile Security for Android prior to 3.16, which could let a remote malicious user conduct a man-in-the-middle attack via specially crafted JavaScript.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.6 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_mobile_security | * |
A security bypass vulnerability exists in Symantec Norton Mobile Security for Android before 3.16, which could let a malicious user conduct a man-in-the-middle via specially crafted JavaScript to add arbitrary URLs to the URL whitelist.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N | 2.2 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_mobile_security | * |
An Information Disclosure vulnerability exists in the mid.dat file stored on the SD card in Symantec Norton Mobile Security for Android before 3.16, which could let a local malicious user obtain sensitive information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_mobile_security | * |
A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | it_management_suite | 8.0 |
A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 2.8 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | it_management_suite | 8.0 |
A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | 7.6 |
| symantec | encryption_desktop | * |
| symantec | endpoint_encryption | * |
| symantec | ghost_solution_suite | 3.1 |
| symantec | it_management_suite | 8.0 |
| symantec | it_management_suite | 7.6 |
A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N | 0.7 | 5.8 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-863,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user's system, will cause the Norton Download Manager component to load the remote user's DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_download_manager | * |
A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | vip_access_desktop | * |
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | content_analysis | 1.3 |
| symantec | content_analysis | 2.1 |
| symantec | mail_threat_defense | 1.1 |
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1.6 |
| symantec | endpoint_protection | * |
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1.6 |
| symantec | endpoint_protection | * |
Symantec ProxyClient 3.4 for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate their privileges on the system and execute arbitrary code with LocalSystem privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | proxyclient | 3.4 |
A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_desktop | * |
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 14 |
| symantec | endpoint_protection | * |
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
In Symantec Encryption Desktop before SED 10.4.1 MP2HF1, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.
CVSS 2.0
Severity: LOW
Problem Type: CWE-772,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_desktop | * |
In Symantec Endpoint Encryption before SEE 11.1.3HF3, a kernel memory leak is a type of resource leak that can occur when a computer program incorrectly manages memory allocations in such a way that memory which is no longer needed is not released. In object-oriented programming, a memory leak may happen when an object is stored in memory but cannot be accessed by the running code.
CVSS 2.0
Severity: LOW
Problem Type: CWE-772,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | 11.1.1 |
| symantec | endpoint_encryption | 11.1.0 |
| symantec | endpoint_encryption | 11.0.0 |
| symantec | endpoint_encryption | 11.1.2 |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-476,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_console | * |
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular device unavailable to its intended user by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS 2.0
Severity: LOW
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_family | * |
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first pass across the application. As they probe the application they will take note of anything that may seem out of place or any bit of information they can use to their advantage such as error messages, system information, user data, version numbers, component names, URL paths, or even simple typos and misspellings.
CVSS 2.0
Severity: LOW
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_family | * |
Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | reporter | 10.1 |
| symantec | reporter | * |
Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_console | 8.0 |
| symantec | management_console | 7.6 |
| symantec | management_console | * |
The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. This constitutes a 'bypass' of the disarm functionality resident to the application.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-94,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,CWE-77,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_gateway | * |
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_gateway | * |
Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, the application will generally follow a specific search path to locate the DLL. The exploitation of the vulnerability manifests as a simple file write (or potentially an over-write) which results in a foreign executable running under the context of the application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | vip_access_for_desktop | * |
Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_desktop | * |
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H | 1.8 | 5.2 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | reporter | * |
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | * |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection_cloud | * |
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_antivirus | * |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection_cloud | * |
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-798,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_password_manager | * |
The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_analytics | * |
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-611,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-1236,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 14 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website's rendered copy running inside the end user's web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | web_isolation | * |
Norton Password Manager for Android (formerly Norton Identity Safe) may be susceptible to a cross site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_password_manager | * |
Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | ghost_solution_suite | 2.0 |
| symantec | ghost_solution_suite | 2.5 |
| symantec | ghost_solution_suite | 3.0 |
| symantec | ghost_solution_suite | 3.3 |
| symantec | ghost_solution_suite | 3.1 |
| symantec | ghost_solution_suite | 3.2 |
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_password_manager | * |
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
CVSS 2.0
Severity: LOW
Problem Type: CWE-908,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 14 |
| symantec | endpoint_protection | nis-22.15.2.22 |
| symantec | endpoint_protection_cloud_agent | * |
| symantec | endpoint_protection | 14.0.0 |
| symantec | endpoint_protection_cloud | * |
| symantec | endpoint_protection | sep-12.1.7484.7002 |
| symantec | norton_security | * |
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | 14.0.1 |
| symantec | endpoint_protection_manager | 14.2 |
| symantec | endpoint_protection_manager | 14.1 |
| symantec | endpoint_protection_manager | 12.1 |
| symantec | endpoint_protection_manager | 14 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-269,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | nis-22.15.2.22 |
| symantec | endpoint_protection_cloud_agent | * |
| symantec | endpoint_protection_cloud | * |
| symantec | endpoint_protection | sep-12.1.7484.7002 |
| symantec | norton_security | * |
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_core_firmware | * |
Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_utilities | * |
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
CVSS 2.0
Severity: LOW
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection | 14.0 |
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | * |
| symantec | endpoint_protection | 14.0 |
Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | symdiag | * |
| symantec | norton_power_eraser | * |
Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | inventory | 8.0 |
| symantec | inventory | * |
| symantec | inventory | 8.1 |
Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | encryption_management_server | * |
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | message_gateway | * |
The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass vulnerability which could potentially allow an attacker to circumvent the existing tamper protection in use on the resident system.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.1 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H | 0.9 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | sonar | * |
An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not otherwise be authorized to access. The malicious administrator user can also obtain the passwords of other Reporter web UI users.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | reporter | * |
Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users or potentially bypass access controls such as the same-origin policy.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | vip | - |
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_password_manager | * |
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 2.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N | 0.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | * |
Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for MS Exchange (SMSMSE), prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
| symantec | mail_security | * |
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | * |
Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking other apps on the device, thereby allowing the individual to gain access.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.6 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L | 0.1 | 5.5 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_app_lock | * |
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.9 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N | 2.2 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-352,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_center | 2.2 |
| symantec | management_center | 2.3 |
| symantec | management_center | 2.4 |
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 1.2 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a server-side request forgery (SSRF) exploit, which is a type of issue that can let an attacker send crafted requests from the backend server of a vulnerable web application or access services available through the loopback interface.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 3.9 | 3.4 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-918,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N | 2.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | industrial_control_system_protection | * |
Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| fedoraproject | fedora | 30 |
| symantec | endpoint_detection_and_response | * |
| fedoraproject | fedora | 31 |
Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | 11.1.1 |
| symantec | endpoint_encryption | 11.1 |
| symantec | endpoint_encryption | 11.1.3 |
| symantec | endpoint_encryption | 11.2 |
| symantec | endpoint_encryption | 11.0 |
| symantec | endpoint_encryption | 11.1.2 |
Norton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | norton_core_firmware | * |
Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | vip_enterprise_gateway | 9.7 |
| symantec | vip_enterprise_gateway | * |
An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_center | 2.0 |
| symantec | management_center | * |
| symantec | management_center | 2.1 |
Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | antivirus_engine | * |
Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.5 | MEDIUM | CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N | 0.9 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_loss_prevention | 14.0.2 |
| symantec | data_loss_prevention | 14.0 |
| symantec | data_loss_prevention | 15.0 |
| symantec | data_loss_prevention | 14.5 |
| symantec | data_loss_prevention | 15.1 |
| symantec | data_loss_prevention | 14.0.1 |
| symantec | data_loss_prevention | 15.5 |
| symantec | data_loss_prevention | 14.6 |
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_encryption | * |
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_detection_and_response | * |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-427,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | 1.8 | 3.6 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | 11.0 |
| symantec | endpoint_protection | 14.0.1 |
| symantec | endpoint_protection | 14.2 |
| symantec | endpoint_protection | 12.1 |
| symantec | endpoint_protection | 12.0 |
| symantec | endpoint_protection | 14.0.0 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
| symantec | endpoint_protection_manager | 14.2 |
Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | data_center_security | * |
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 3.3 | LOW | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N | 1.8 | 1.4 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N | 3.9 | 1.4 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.0 | HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.0 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-362,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection_manager | * |
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_protection | * |
Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can potentially enable attackers to inject client-side scripts into web pages viewed by other users.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | 1.7 | 2.7 |
CVSS 2.0
Severity: LOW
Problem Type: CWE-79,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | it_analytics | * |
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 |
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_detection_and_response | * |
An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to 8.1.3-NSR3, 8.2, prior to 8.2.1-NSR2 or 8.2.2 allows a remote, unauthenticated attacker to execute arbitrary OS commands on the target with elevated privileges.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-78,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | security_analytics | * |
The Symantec Management Agent is susceptible to a privilege escalation vulnerability. A low privilege local account can be elevated to the SYSTEM level through registry manipulations.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | management_agent | 8.5 |
| symantec | management_agent | 8.6 |
An authenticated user who has the privilege to add/edit annotations on the Content tab, can craft a malicious annotation that can be executed on the annotations page (Annotation Text Column).
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
An authenticated user can embed malicious content with XSS into the admin group policy page.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | messaging_gateway | * |
Symantec Endpoint Detection and Response (SEDR) Appliance, prior to 4.7.0, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | endpoint_detection_and_response | * |
An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N | 2.3 | 2.7 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | identity_portal | 14.4 |
Symantec Protection Engine, prior to 9.1.0, may be susceptible to a Hash Leak vulnerability.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 2.8 | 3.6 |
| secure@symantec.com | 6.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N | 2.3 | 4.0 |
Products Affected
| Vendor | Product | Version |
|---|---|---|
| symantec | protection_engine | * |