All the vulnerabilites related to symantec - endpoint_protection
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escritura de archivos arbitraria, que es un tipo de problema por el cual un atacante es capaz de sobrescribir archivos existentes sobre el sistema residente sin los privilegios apropiados."
}
],
"id": "CVE-2020-5825",
"lastModified": "2024-11-21T05:34:39.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.997",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-01-09 20:15
Modified
2024-11-21 02:54
Severity ?
Summary
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99BAFC5B-CF3B-4B6E-A9FF-4426FB4F1C36",
"versionEndExcluding": "22.8.0.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB3235B-B116-477F-A615-CA4D725A4102",
"versionEndExcluding": "22.8.0.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB28D86F-DCDE-4034-B166-B3932FB6830D",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2725D6BB-F411-4A0F-A68F-A40AE3D76F51",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70D5D6E1-4E7C-44B9-8CC8-1B0EB5ADD462",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_family:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB88FB9-8802-4902-B430-4D4F77ECFB0A",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03C6560F-041D-4BDB-A857-359F22C93C60",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93566F86-6E3B-4C8F-8CA5-6C1662AEEDED",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAF3FD-F59A-4F2D-80E7-2D415C28431C",
"versionEndExcluding": "22.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud y Endpoint Protection Cloud Client, debido a una precarga de DLL sin restricciones de ruta, que podr\u00eda permitir a un usuario malicioso local obtener privilegios system."
}
],
"id": "CVE-2016-5311",
"lastModified": "2024-11-21T02:54:04.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-09T20:15:11.163",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-11 20:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BD7B93-C5F6-4FA1-B450-E54B62F01C5D",
"versionEndExcluding": "14.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a 14.3, puede no respetar los permisos de archivo cuando se escriben en archivos de registro que son reemplazados por enlaces simb\u00f3licos, lo que puede conllevar a una potencial elevaci\u00f3n de privilegios."
}
],
"id": "CVE-2020-5837",
"lastModified": "2024-11-21T05:34:40.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-11T20:15:12.417",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 18:15
Modified
2024-11-21 04:23
Severity ?
Summary
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP), versiones anteriores a la versi\u00f3n 14.2 RU2 y 12.1 RU6 MP10 y Symantec Endpoint Protection Small Business Edition (SEP SBE) versiones anteriores a la versi\u00f3n 12.1 RU6 MP10d (12.1.7510.7002), puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2019-12757",
"lastModified": "2024-11-21T04:23:30.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T18:15:10.780",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad fuera de l\u00edmites, que es un tipo de problema que resulta en que una aplicaci\u00f3n existente lea la memoria fuera de los l\u00edmites de la memoria que ha sido asignada al programa."
}
],
"id": "CVE-2020-5826",
"lastModified": "2024-11-21T05:34:39.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:17.073",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-30 20:30
Modified
2024-11-21 01:02
Severity ?
Summary
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*",
"matchCriteriaId": "357629A3-1F45-477D-B560-B4AFB6E163E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*",
"matchCriteriaId": "D2126B10-14E6-4B47-8DA2-361BD51BD378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*",
"matchCriteriaId": "11C99ECE-8A4E-4DF3-98CF-4B8E15F6662A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:maintenance_release1:*:*:corporate:*:*:*",
"matchCriteriaId": "D4B0ACE4-1374-40DF-8E52-C1785753ACBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "96B92C62-EB73-4777-9307-677754819F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:maintenance_release7:*:*:*:*:*:*",
"matchCriteriaId": "A63081A8-FB67-4E43-98CF-CD59D7BA5556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "D62FBC34-2CA4-430E-B3DF-8948E9F91B02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
},
{
"lang": "es",
"value": "Symantec Reporting Server, utilizado en Symantec AntiVirus (SAV) Corporate Edition v10.1 anterior a v10.1 MR8 y v10,2 antes de v10.2 MR2, Symantec Client Security (SCS), antes de v3.1 MR8, y el componente Symantec Endpoint Protection Manager (SEPM) en Symantec Endpoint Protection (SEP) anterior a v11.0 MR2, permite a atacantes remotos inyectar texto arbitrario en la pantalla de inicio de sesi\u00f3n y, posiblemente, realizar ataques de phishing, a trav\u00e9s de vectores relacionados con un URL que no est\u00e1 bien manejada."
}
],
"id": "CVE-2009-1432",
"lastModified": "2024-11-21T01:02:26.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-30T20:30:00.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34935"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34668"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-14 12:30
Modified
2024-11-21 01:43
Severity ?
Summary
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0:-:corporate:*:*:*:*:*",
"matchCriteriaId": "1D89BB8F-3BB5-45D0-9C34-66FCE8882716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*",
"matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9173FE69-9654-4D5C-864B-B64D840382F0",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "El motor de descomposici\u00f3n en Symantec Endpoint Protection (SEP) v11.0, Symantec Endpoint Protection Small Business Edition v12.0, Symantec AntiVirus Corporate Edition (SAVCE) v10.x y Symantec Scan Engine (ESE) antes de v5.2.8 no realiza , de forma adecuada, comprobaciones sobre los l\u00edmites de los contenidos de los archivos CAB, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo modificado.\r\n"
}
],
"id": "CVE-2012-4953",
"lastModified": "2024-11-21T01:43:48.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-14T12:30:59.727",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/56399"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"source": "cret@cert.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | - | |
| symantec | antivirus_central_quarantine_server | * | |
| symantec | client_security | * | |
| symantec | client_security | * | |
| symantec | endpoint_protection | * | |
| symantec | system_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF1F4E2F-B0F3-4FC1-8085-0A7B88586FBB",
"versionEndIncluding": "10.2",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E740F9D8-BC99-4016-9B2B-E868DE018549",
"versionEndIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF597A7-8F2D-4C9D-97C6-ACF8F57A771A",
"versionEndIncluding": "3.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
},
{
"lang": "es",
"value": "XFR.EXE en el servicio Intel File Transfer en la consola en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anteriores a 9.0 MR7, 10.0 y 10.1 anteriores a 10.1 MR8, y 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) 2 anteriores a 2.0 MR7 y 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anteriores a 11.0 MR3, permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario colocando el c\u00f3digo en un (1) compartido o (2) servidor WebDAV y luego enviando la ruta al compartido UNC de este servicio."
}
],
"evaluatorImpact": "Per vendor: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02\r\n\r\n\"Symantec System Center Impact\r\n\r\nSymantec System Center (SSS) is a Microsoft Management Console (MMC) plug-in which allows an administrator to manage all Symantec AntiVirus platforms from a single, centralized location. Alert Management System 2 (AMS2) is an alerting feature of System Center that listens for specific events and sends notifications as specified by the administrator.\r\n\r\nAMS2 is installed by default with Symantec System Center 9.0. AMS2 is an optional component in Symantec System Center 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus Server Impact\r\n\r\nAMS2 is installed by default with Symantec AntiVirus Server 9.0. AMS2 is an optional component in Symantec AntiVirus Server 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus and Symantec Endpoint Protection Central Quarantine Server Impact\r\n\r\nAMS2 is installed by default by Central Quarantine Server. These vulnerabilities will only impact systems if Quarantine Server has been installed.\r\n\r\nSymantec is not aware of any customers impacted by these issues, or of any attempts to exploit them. However, we recommend that any affected customers update their product immediately to protect against potential attempts to exploit these issues.\r\n\r\nCertain localized language versions of SCS 2.0/SAV 9.x were not patched due to compatibility issues on the localized platforms. As a result, customers who are running the following versions are strongly recommended to update to a non-vulnerable SCS 2.0/SAV 9 International English version or upgrade to a non-vulnerable version of SEP 11.x:\r\n\r\nSymantec Client Security 2.0/Symantec AntiVirus Corporate Edition 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Korean)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Japanese licensed)\"",
"id": "CVE-2009-1431",
"lastModified": "2024-11-21T01:02:26.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de inyecci\u00f3n DLL, que es un tipo de problema por el cual un individuo intenta ejecutar su propio c\u00f3digo en lugar de un c\u00f3digo leg\u00edtimo como un medio para llevar a cabo una explotaci\u00f3n."
}
],
"id": "CVE-2020-5821",
"lastModified": "2024-11-21T05:34:38.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.650",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-24 00:55
Modified
2024-11-21 01:37
Severity ?
Summary
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * | |
| microsoft | windows_2003_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "60EC86B8-5C8C-4873-B364-FB1F8EFE1CFF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic."
},
{
"lang": "es",
"value": "El m\u00f3dulo Network Threat Protection en Manager component en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.700x en Windows Server 2003 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de la aplicaci\u00f3n) a trav\u00e9s de una inundaci\u00f3n de paquetes automatizados."
}
],
"id": "CVE-2012-1821",
"lastModified": "2024-11-21T01:37:50.767",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-24T00:55:02.727",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/82147"
},
{
"source": "cret@cert.org",
"url": "http://secunia.com/advisories/49221"
},
{
"source": "cret@cert.org",
"url": "http://www.kb.cert.org/vuls/id/149070"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/50358"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1027092"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/82147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/49221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/149070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50358"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-10 16:47
Modified
2024-11-21 01:56
Severity ?
Summary
The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 | |
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87524517-D50E-4DA8-8EDC-395E1866BD59",
"versionEndIncluding": "11.0.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account."
},
{
"lang": "es",
"value": "La Consola de Administraci\u00f3n en Symantec Endpoint Protection (SEP) 11.x anteriores a 11.0.7.4 y 12.x anteriores a 12.1.2 RU2 y Endpoint Protection Small Business Edition 12.x anteriores a 12.1.2 RU2 no realizan la autenticaci\u00f3n de forma apropiada , lo cual permite a usuarios remotos autenticados obtener privilegios aprovechando el acceso a una cuenta de administrador limitada."
}
],
"id": "CVE-2013-5009",
"lastModified": "2024-11-21T01:56:53.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-10T16:47:05.097",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/64128"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "secure@symantec.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-11 20:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BD7B93-C5F6-4FA1-B450-E54B62F01C5D",
"versionEndExcluding": "14.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a 14.3, puede potencialmente restablecer las ACL en un archivo como un usuario limitado, mientras la funcionalidad Tamper Protection de Symantec Endpoint Protection es desactivada."
}
],
"id": "CVE-2020-5836",
"lastModified": "2024-11-21T05:34:40.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-11T20:15:12.337",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-23 21:55
Modified
2024-11-21 01:34
Severity ?
Summary
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 12.1 | |
| symantec | endpoint_protection | 12.1.671 | |
| symantec | endpoint_protection | 12.1.1000 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.671:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0A9C72-FD2F-40F3-A094-58FC34F0857A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4D997D8A-C093-4250-9481-3ED28E541B4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en el Servicio Manager en la consola de administracion en Symantec Endpoint Protection (SEP) v12.1 anterior a v12.1 RU1-MP1 permite a atacantes remotos eliminar ficheros mediante vectores desconocidos."
}
],
"id": "CVE-2012-0294",
"lastModified": "2024-11-21T01:34:44.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-23T21:55:01.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53182"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-20 20:59
Modified
2024-11-21 02:20
Severity ?
Summary
sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5C31-59F3-48DC-A9B6-AC616344EAE8",
"versionEndIncluding": "12.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition."
},
{
"lang": "es",
"value": "Vulnerabilidad en sysplant.sys en el componente Manager en Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1.6, permite a usuarios locales causar una denegaci\u00f3n de servicio (apagado de sistema bloqueado) desencadenando una condici\u00f3n de interbloqueo no especificada."
}
],
"id": "CVE-2014-9228",
"lastModified": "2024-11-21T02:20:26.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-20T20:59:01.570",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/75202"
},
{
"source": "secure@symantec.com",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2024-11-21 01:11
Severity ?
Summary
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C311B10-D660-4F50-828D-6D2CDBE550BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
"matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
},
{
"lang": "es",
"value": "El escaneo bajo demanda en Symantec AntiVirus v10.0.x y v10.1.x anterior a MR9, AntiVirus v10.2.x, Client Security v3.0.x y v3.1.x anterior a MR9 y Endpoint Protection v11.x, cuando la protecci\u00f3n de manipulaci\u00f3n est\u00e1 desactivado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (prevenci\u00f3n de escaneo bajo demanda) a trav\u00e9s de \"eventos concretos\" que impiden que el usuario tenga acceso de lectura a recursos no especificados."
}
],
"id": "CVE-2010-0106",
"lastModified": "2024-11-21T01:11:32.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-19T17:30:00.660",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/62414"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38653"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/62414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en veriones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1; y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (violaci\u00f3n de acceso a memoria) a trav\u00e9s de un archivo RAR manipulado que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-2207",
"lastModified": "2024-11-21T02:48:02.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:01.150",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40031/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40031/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5820",
"lastModified": "2024-11-21T05:34:38.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.543",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-06 23:29
Modified
2024-11-21 03:29
Severity ?
Summary
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE67053-C23D-4C83-943C-9A15C5A1A1C4",
"versionEndExcluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients."
},
{
"lang": "es",
"value": "En versiones anteriores a SEP 14 RU1, el producto Symantec Endpoint Protection puede encontrarse con un problema de omisi\u00f3n de protecci\u00f3n contra manipulaciones, que es un tipo de ataque que omite la protecci\u00f3n en tiempo real para la aplicaci\u00f3n que se ejecuta en servidores y clientes."
}
],
"id": "CVE-2017-6331",
"lastModified": "2024-11-21T03:29:34.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-06T23:29:00.330",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101502"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"source": "secure@symantec.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-29 14:29
Modified
2024-11-21 03:44
Severity ?
Summary
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/105919 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105919 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "795C7621-3E4D-4907-9827-120D3BC2CD20",
"versionEndIncluding": "14.2.0.1",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection en versiones anteriores a la 14.2 MP1 puede ser susceptible a una vulnerabilidad de precarga de DLL, que en este caso es un problema que puede producirse cuando una aplicaci\u00f3n que se instala carga involuntariamente un DLL proporcionado por un posible atacante. N\u00f3tese que este tipo espec\u00edfico de explotaci\u00f3n solo se manifiesta en el momento de la instalaci\u00f3n; no se requiere remediaci\u00f3n para el software que ya ha sido instalado. Este problema solo afect\u00f3 a los dispositivos Trialware de Symantec Endpoint Protection, que desde entonces se ha actualizado."
}
],
"id": "CVE-2018-12245",
"lastModified": "2024-11-21T03:44:51.140",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-29T14:29:00.360",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105919"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-22 01:00
Modified
2024-11-21 01:11
Severity ?
Summary
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request."
},
{
"lang": "es",
"value": "fw_charts.php en el m\u00f3dulo de reporte en el componente Manager (tambi\u00e9n conocido como SEPM) en Symantec Endpoint Protection (SEP) 11.x, en versiones anteriores a la 11 RU6 MP2, permite a atacantes remotos eludir las restricciones establecidas en la generaci\u00f3n de reportes, sobreescribir scripts PHP de su elecci\u00f3n y ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n manipulada."
}
],
"id": "CVE-2010-0114",
"lastModified": "2024-11-21T01:11:33.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-22T01:00:02.283",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42643"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024900"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45372"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3252"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64118"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linuxen versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de datos MIME modificados en un mensaje."
}
],
"id": "CVE-2016-3644",
"lastModified": "2024-11-21T02:50:26.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:05.760",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40034/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40034/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 18:15
Modified
2024-11-21 04:33
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 14.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E01DC1B-3D3D-4791-9668-29142FF2181B",
"versionEndIncluding": "14.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a la versi\u00f3n 14.2 RU2, puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2019-18372",
"lastModified": "2024-11-21T04:33:09.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T18:15:10.953",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Dec2SS.dll en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2016-2209",
"lastModified": "2024-11-21T02:48:02.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:02.497",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91436"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| alwil | avast_antivirus | 4.8.1351.0 | |
| alwil | avast_antivirus | 5.0.677.0 | |
| anti-virus | vba32 | 3.12.14.2 | |
| antiy | avl_sdk | 2.0.3.7 | |
| authentium | command_antivirus | 5.2.11.5 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| avira | antivir | 7.11.1.163 | |
| bitdefender | bitdefender | 7.2 | |
| cat | quick_heal | 11.00 | |
| clamav | clamav | 0.96.4 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| gdata-software | g_data_antivirus | 21 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| k7computing | antivirus | 9.77.3565 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| microsoft | security_essentials | 2.0 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| pc_tools | pc_tools_antivirus | 7.0.3.5 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 | |
| virusbuster | virusbuster | 13.6.151.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, eSafe versi\u00f3n 7.0.17.0, F-Prot antivirus versi\u00f3n 4.6.2.117, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12 , PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0 , permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud que supera el tama\u00f1o total del archivo TAR. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1457",
"lastModified": "2024-11-21T01:37:01.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.287",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 17:15
Modified
2024-11-21 04:23
Severity ?
Summary
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | https://support.symantec.com/us/en/article.SYMSA1488.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/us/en/article.SYMSA1488.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP), versiones anteriores a la versi\u00f3n 14.2 RU2, puede ser susceptible a una vulnerabilidad de omisi\u00f3n de protecci\u00f3n de contrase\u00f1a por la cual la capa secundaria de protecci\u00f3n de contrase\u00f1a podr\u00eda ser omitida para individuos con derechos de administrador local."
}
],
"id": "CVE-2019-12756",
"lastModified": "2024-11-21T04:23:30.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T17:15:13.213",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-22 21:00
Modified
2024-11-21 01:18
Severity ?
Summary
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | intel_alert_management_system | * | |
| symantec | antivirus | 10.1.4.4010 | |
| microsoft | windows_2000 | - | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:intel_alert_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2E65A4-96C7-4C7E-9B25-346EAA5BDE71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.4010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "17C1DCC3-7D90-454E-BC4D-D615944A9A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:rtm:*:*:*:*:*:*",
"matchCriteriaId": "BE45A9A3-ACFD-49C4-9E11-8FC74814568C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
},
{
"lang": "es",
"value": "La funci\u00f3n GetStringAMSHandler en prgxhndl.dll en hndlrsvc.exe en Intel Alert Handler service (conocido como Symantec Intel Handler service) en Intel Alert Management System (AMS), como el usado en Symantec Antivirus Corporate Edition v10.1.4.4010 en Windows 2000 SP4 y Symantec Endpoint Protection anterior v11.x, no valida adecuadamente el campo CommandLine de una petici\u00f3n AMS, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda aplicaci\u00f3n) a trav\u00e9s de peticiones manipuladas. \r\n\r\n\r\n\r\n"
}
],
"id": "CVE-2010-3268",
"lastModified": "2024-11-21T01:18:24.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-22T21:00:15.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42593"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-06 23:29
Modified
2024-11-21 03:11
Severity ?
Summary
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/101503 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1039775 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101503 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039775 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | Issue Tracking, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 14 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:m9:*:*:*:*:*:*",
"matchCriteriaId": "EBD6152B-C741-406F-A5DB-D32ED6DF9AD1",
"versionEndExcluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:*:*:*",
"matchCriteriaId": "29CE970E-FEF1-402A-94C9-6D944E9DF17C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Prior to SEP 12.1 RU6 MP9 \u0026 SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product\u0027s UI to perform unauthorized file deletes on the resident file system."
},
{
"lang": "es",
"value": "En versiones anteriores a SEP 12.1 RU6 MP9 SEP 14 RU1, el endpoint Symantec Endpoint Protection Windows puede encontrarse con una situaci\u00f3n en la que un atacante podr\u00eda emplear la interfaz de usuario del producto para realizar borrados no autorizados de archivos en el sistema de archivos residente."
}
],
"id": "CVE-2017-13680",
"lastModified": "2024-11-21T03:11:24.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-06T23:29:00.220",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101503"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "secure@symantec.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cat | quick_heal | 11.00 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00, Norman Antivirus 6.6.12, Rising Antivirus 22.83.00.03, y AVEngine 20101.3.0.103 en Symantec Endpoint Protection 11, permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo TAR POSIX con una secuencia de caracteres inicial MSCF. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador TAR."
}
],
"id": "CVE-2012-1421",
"lastModified": "2024-11-21T01:36:56.743",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.177",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Dec2LHA.dll en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2016-2210",
"lastModified": "2024-11-21T02:48:02.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:03.667",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91437"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| cat | quick_heal | 11.00 | |
| comodo | comodo_antivirus | 7424 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| pandasecurity | panda_antivirus | 10.0.2.7 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en AVG Anti-Virus 10.0.0.1190, Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00, Comodo Antivirus 7424, a-squared Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2 .254.0, Ikarus Virus Utilities Comando esc\u00e1ner de la l\u00ednea T3 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795 , Norman Antivirus 6.6.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, y Trend Micro HouseCall 9.120. 0.1004 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo tar con un archivo ZIP adjunto. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones de tar analizador."
}
],
"id": "CVE-2012-1456",
"lastModified": "2024-11-21T01:37:01.597",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.240",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80390"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52608"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74289"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74289"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el desempaquetado TNEF en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de datos TNEF manipulados."
}
],
"id": "CVE-2016-3645",
"lastModified": "2024-11-21T02:50:26.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:06.747",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91439"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-14 18:59
Modified
2024-11-21 02:54
Severity ?
Summary
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:symantec_data_center_security_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A85D64F-2912-4B59-9CF0-5266F5A44DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75EE5143-C90B-4E7F-BA5F-5B17995A8D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:email_security.cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9CB569-FE96-4783-A84F-BEE055DDED1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:mac:*:*",
"matchCriteriaId": "D98041D2-B769-4E3F-A072-6A2047082F09",
"versionEndIncluding": "12.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "1FE459CB-A040-4F02-8215-6B7BC4B9CEA9",
"versionEndIncluding": "12.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CB7A2E78-E9C9-4B54-83BA-1D76B320A2BB",
"versionEndIncluding": "12.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:-:*:*:*:*:mac:*:*",
"matchCriteriaId": "48B6AC19-877E-42C9-A0C7-17B6002E9542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "D9D06586-95B0-40F6-AF01-ABF6CDF4C607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_for_small_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6720563F-0EE7-475E-968E-C5054CB0EEDE",
"versionEndIncluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_for_small_business:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "394A10F2-1147-4744-873B-5B0D38E371F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748F255D-C57D-4483-A083-A8A904083535",
"versionEndIncluding": "8.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39AFBF7D-1101-4318-AC60-330329A82390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93C49CF4-0B0C-4208-A774-5CA4756DD2FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7702EB09-8678-4F9A-97E5-C8FAD7E88D07",
"versionEndIncluding": "6.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27E28201-1358-44A9-9C62-25D7E8FEBEAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A066F69C-9CDF-40F6-A251-E746D6D6D6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3E4851-D48E-4865-B15A-48F8C5B01A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD08A2-273B-4AE8-BD68-96407106DB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C726BA76-DF5A-4F82-B861-C5468B8950E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BE5FC3-6FCE-49A1-AD9B-D37098A63E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B36A5DF7-7FBD-48E2-A053-0FF65C1D97F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEFFE2C-BAA1-4879-8198-3FD8433117C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "263ED902-F90D-44D1-A19B-CD7C1C96C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0B5687-BB44-455A-99C9-5A1A31170783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A721B7B-6A30-4671-8ED7-FB10A51585ED",
"versionEndIncluding": "10.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E43B415E-7C78-4DE8-9075-30A17A026DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "02C60D4C-9A49-45EC-AC34-09B312B56D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30C55CDA-FE49-4870-800B-BEDD0AD2128A",
"versionEndIncluding": "7.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10A30D31-6D0A-48B0-9D96-7FECE032F288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "139B24CF-61DE-4891-BCB8-E2199067FD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10F4C9B3-48EA-4E57-B7E9-1E51E7D87F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B74A56-84F4-47AA-99BE-91F147B56FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F235281-B0A6-4099-9E90-4EFDA3349E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5D00F417-0D5F-43CA-8F01-66615CC32E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE3368B-DB3A-4EA2-8A8F-C6B8E78FCD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC77EBB-A8E6-4CA4-9CEE-03EFF8E57DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F79636A0-C052-4F7C-B968-38959FABBA2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9369C5EC-B72D-485C-A0C2-72A86F65192D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67610E7A-D88F-40FD-9559-D020090FF000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32D1F17-65A7-49F7-B2C7-4AF4F5B8E311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security.cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82F1B16C-252B-4390-8CC9-B4509A0F0F13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El componente del analizador de archivos RAR en el AntiVirus Decomposer engine en Symantec Advanced Threat Protection: Network (ATP) : Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Servidor; Symantec Endpoint Protection (SEP) para Windows en versiones anteriores a 12.1.6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) en versiones anteriores a Linux en versiones anteriores a 12.1.6 MP6; Symantec Endpoint Protection para SMALL Business Entreprise (SEP SBE / SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) para Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI en versiones anteriores a 10.0.4 HF02; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF02, 7.5.x en versiones anteriores a 7.5.4 HF02, 7.5.5 en versiones anteriores a 7.5.5 HF01 y 7.8.x en versiones anteriores a 7.8.0 HF03; Symantec Mail Security para Domino (SMSDOM) en versiones anteriores a 8.0.9 HF2.1, 8.1.x en versiones anteriores a 8.1.2 HF2.3 y 8.1.3 en versiones anteriores a 8.1.3 HF2.2; Symantec Mail Security para Microsoft Exchange (SMSMSE) en versiones anteriores a 6.5.8_3968140 HF2.3, 7.x en versiones anteriores a 7.0_3966002 HF2.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF2.2; Servidores de Symantec Protection para SharePoint (SPSS) antes de la actualizaci\u00f3n SPSS_6.0.3_To_6.0.5_HF_2.5, 6.0.6 en versiones anteriores a 6.0.6 HF_2.6 y 6.0.7 en versiones anteriores a 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) en versiones anteriores a 10.6.2; Symantec Messaging Gateway para proveedores de servicios (SMG-SP) en versiones anteriores a 10.5 parche 260 y en versiones anteriores a10.6 parche 259; Symantec Web Gateway; y Symantec Web Security.Cloud permite a los atacantes remotos provocar una denegaci\u00f3n de servicio (lectura fuera de l\u00edmites) a trav\u00e9s de un archivo RAR manipulado que se maneja incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-5309",
"lastModified": "2024-11-21T02:54:04.413",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-14T18:59:00.500",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92868"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036850"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-07-31 18:15
Modified
2024-11-21 04:23
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU1 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, anterior de 14.2 RU1 y 12.1 RU6 MP10 y Symantec Endpoint Protection Small Business Edition, anterior de 12.1 RU6 MP10c (12.1.7491.7002), puede ser susceptible a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intente comprometer la aplicaci\u00f3n de software para obtener un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o usuario."
}
],
"id": "CVE-2019-12750",
"lastModified": "2024-11-21T04:23:29.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-07-31T18:15:10.987",
"references": [
{
"source": "secure@symantec.com",
"url": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html"
},
{
"source": "secure@symantec.com",
"url": "http://seclists.org/fulldisclosure/2019/Dec/11"
},
{
"source": "secure@symantec.com",
"url": "http://seclists.org/fulldisclosure/2019/Dec/21"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1487.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Dec/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Dec/21"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1487.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Comodo Antivirus versi\u00f3n 7424, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, F-Prot Antivirus versi\u00f3n 4.6.2.117, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, Fortinet Antivirus versi\u00f3n 4.2.254.0, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12, nProtect antivirus versi\u00f3n 2011-01-17.01, Panda Antivirus versi\u00f3n 10.0.2.7, PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, Sophos Anti-Virus versi\u00f3n 4.61.0, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0, permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud correspondiente a toda la entrada, adem\u00e1s de parte del encabezado de la siguiente entrada. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1459",
"lastModified": "2024-11-21T01:37:02.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80390"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-16 19:29
Modified
2024-11-21 03:00
Severity ?
Summary
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/96298 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1037961 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96298 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037961 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 12.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F067AB6-0BCB-45C5-B943-72DB624ADD93",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp7:*:*:*:*:*:*",
"matchCriteriaId": "DC9DA528-2CE0-48C4-94A5-A0870F865FB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client."
},
{
"lang": "es",
"value": "Los clientes de Symantec Endpoint Protection colocan el malware detectado en cuarentena como parte de la funcionalidad planeada del producto. Los registros de cuarentena pueden ser exportados por el usuario para su revisi\u00f3n en una serie de formatos, incluyendo los archivos .CSV. En versiones anteriores a la 14.0 MP1 y a la 12.1 RU6 MP7, existe la posibilidad de que los metadatos del archivo se lean e interpreten como una f\u00f3rmula. La explotaci\u00f3n exitosa de un ataque de este tipo requiere una considerable interacci\u00f3n de usuario directa del usuario que realiza la exportaci\u00f3n y la apertura de los archivos de registro en el cliente objetivo."
}
],
"id": "CVE-2016-9094",
"lastModified": "2024-11-21T03:00:35.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-16T19:29:00.293",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96298"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-14 18:59
Modified
2024-11-21 02:54
Severity ?
Summary
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:symantec_data_center_security_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A85D64F-2912-4B59-9CF0-5266F5A44DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75EE5143-C90B-4E7F-BA5F-5B17995A8D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:email_security.cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9CB569-FE96-4783-A84F-BEE055DDED1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:mac:*:*",
"matchCriteriaId": "D98041D2-B769-4E3F-A072-6A2047082F09",
"versionEndIncluding": "12.1.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "1FE459CB-A040-4F02-8215-6B7BC4B9CEA9",
"versionEndIncluding": "12.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "CB7A2E78-E9C9-4B54-83BA-1D76B320A2BB",
"versionEndIncluding": "12.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:-:*:*:*:*:mac:*:*",
"matchCriteriaId": "48B6AC19-877E-42C9-A0C7-17B6002E9542",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "D9D06586-95B0-40F6-AF01-ABF6CDF4C607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_for_small_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6720563F-0EE7-475E-968E-C5054CB0EEDE",
"versionEndIncluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_for_small_business:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "394A10F2-1147-4744-873B-5B0D38E371F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "748F255D-C57D-4483-A083-A8A904083535",
"versionEndIncluding": "8.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39AFBF7D-1101-4318-AC60-330329A82390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:8.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93C49CF4-0B0C-4208-A774-5CA4756DD2FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7702EB09-8678-4F9A-97E5-C8FAD7E88D07",
"versionEndIncluding": "6.5.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "27E28201-1358-44A9-9C62-25D7E8FEBEAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A066F69C-9CDF-40F6-A251-E746D6D6D6A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3E4851-D48E-4865-B15A-48F8C5B01A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5DD08A2-273B-4AE8-BD68-96407106DB89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C726BA76-DF5A-4F82-B861-C5468B8950E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F0BE5FC3-6FCE-49A1-AD9B-D37098A63E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B36A5DF7-7FBD-48E2-A053-0FF65C1D97F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CEEFFE2C-BAA1-4879-8198-3FD8433117C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "263ED902-F90D-44D1-A19B-CD7C1C96C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F0B5687-BB44-455A-99C9-5A1A31170783",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A721B7B-6A30-4671-8ED7-FB10A51585ED",
"versionEndIncluding": "10.6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E43B415E-7C78-4DE8-9075-30A17A026DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:messaging_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "02C60D4C-9A49-45EC-AC34-09B312B56D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30C55CDA-FE49-4870-800B-BEDD0AD2128A",
"versionEndIncluding": "7.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "10A30D31-6D0A-48B0-9D96-7FECE032F288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "139B24CF-61DE-4891-BCB8-E2199067FD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "10F4C9B3-48EA-4E57-B7E9-1E51E7D87F31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B74A56-84F4-47AA-99BE-91F147B56FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4F235281-B0A6-4099-9E90-4EFDA3349E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5D00F417-0D5F-43CA-8F01-66615CC32E49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE3368B-DB3A-4EA2-8A8F-C6B8E78FCD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC77EBB-A8E6-4CA4-9CEE-03EFF8E57DB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F79636A0-C052-4F7C-B968-38959FABBA2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9369C5EC-B72D-485C-A0C2-72A86F65192D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67610E7A-D88F-40FD-9559-D020090FF000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32D1F17-65A7-49F7-B2C7-4AF4F5B8E311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security.cloud:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82F1B16C-252B-4390-8CC9-B4509A0F0F13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El componente del analizador de archivos RAR en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Servidor; Symantec Endpoint Protection (SEP) para Windows en versiones anteriores a 12.1.6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1.6 MP6; Symantec Endpoint Protection para peque\u00f1as empresas (SEP SBE / SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) para Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI en versiones anteriores a 10.0.4 HF02; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF02, 7.5.x en versiones anteriores a 7.5.4 HF02, 7.5.5 en versiones anteriores a 7.5.5 HF01 y 7.8.x en versiones anteriores a 7.8.0 HF03; Symantec Mail Security para Domino (SMSDOM) en versiones anteriores a 8.0.9 HF2.1, 8.1.x en versiones anteriores a 8.1.2 HF2.3 y 8.1.3 en versiones anteriores a 8.1.3 HF2.2; Symantec Mail Security para Microsoft Exchange (SMSMSE) en versiones anteriores a 6.5.8_3968140 HF2.3, 7.x en versiones anteriores a 7.0_3966002 HF2.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF2.2; Servidores de Symantec Protection para SharePoint (SPSS) antes de la actualizaci\u00f3n SPSS_6.0.3_To_6.0.5_HF_2.5, 6.0.6 en versiones anteriores a 6.0.6 HF_2.6 y 6.0.7 en versiones anteriores a 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) en versiones antriores a 10.6.2; Symantec Messaging Gateway para proveedores de servicios (SMG-SP) en versiones anteriores a 10.5 parche 260 y 10.6 en versiones anteriores al parche 259; Symantec Web Gateway; y Symantec Web Security.Cloud permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un archivo RAR dise\u00f1ado que se maneja mal durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-5310",
"lastModified": "2024-11-21T02:54:04.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-14T18:59:00.563",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92866"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036850"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/92866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5823",
"lastModified": "2024-11-21T05:34:39.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.823",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-15 19:55
Modified
2024-11-21 01:24
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
},
{
"lang": "es",
"value": "Vulnerabilidades de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en Web Interface en el Endpoint Protection Manager en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.6300, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores para las peticiones que crean cuentas administrativas."
}
],
"id": "CVE-2011-0551",
"lastModified": "2024-11-21T01:24:16.603",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-15T19:55:03.657",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43662"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025919"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/74467"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/49101"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/74467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de denegaci\u00f3n de servicio, que es un tipo de problema por el cual un actor de amenaza intenta vincular los recursos de una aplicaci\u00f3n residente, haciendo de esta manera que determinadas funciones no est\u00e9n disponibles."
}
],
"id": "CVE-2020-5824",
"lastModified": "2024-11-21T05:34:39.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.900",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| antiy | avl_sdk | 2.0.3.7 | |
| ca | etrust_vet_antivirus | 36.1.8511 | |
| cat | quick_heal | 11.00 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| pandasecurity | panda_antivirus | 10.0.2.7 | |
| pc_tools | pc_tools_antivirus | 7.0.3.5 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_vet_antivirus:36.1.8511:*:*:*:*:*:*:*",
"matchCriteriaId": "FBFFC7D8-7BA5-4830-9ABD-B56B3BDFC730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning 5.400.0.1158, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Norman Antivirus 6.6.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0 .0.125, McAfee gateway (anteriormente Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Antivirus Vet 36.1.8511, Laboratorios Antiy AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, y Panda Antivirus 10.0.2.7 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con un campo encoding modificado. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1446",
"lastModified": "2024-11-21T01:37:00.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.270",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80426"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80427"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80428"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80430"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80431"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80430"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52600"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| anti-virus | vba32 | 3.12.14.2 | |
| authentium | command_antivirus | 5.2.11.5 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| bitdefender | bitdefender | 7.2 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| k7computing | antivirus | 9.77.3565 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos Gzip en AVG Anti-Virus 10.0.0.1190, BitDefender 7.2, Command Antivirus 5.2.11.5, a-squared Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Utilities Ikarus Virus T3 de l\u00ednea de comandos esc\u00e1ner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 06.06.12, 22.83.00.03 Rising Antivirus, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, y 3.12.14.2 VBA32 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo. tar.gz con varias secuencias comprimidas. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador Gzip."
}
],
"id": "CVE-2012-1461",
"lastModified": "2024-11-21T01:37:02.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.677",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80500"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80501"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80502"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80503"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80504"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80505"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80506"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80510"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52626"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-11-06 23:29
Modified
2024-11-21 03:11
Severity ?
Summary
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/101504 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1039775 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101504 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039775 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:m9:*:*:*:*:*:*",
"matchCriteriaId": "EBD6152B-C741-406F-A5DB-D32ED6DF9AD1",
"versionEndExcluding": "12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, en versiones anteriores a SEP 12.1 RU6 MP9, podr\u00eda ser susceptible a una vulnerabilidad de escalado de privilegios. Este tipo de problema permite que un usuario obtenga accesos elevados a recursos que, normalmente, suelen estar protegidos en niveles de acceso m\u00e1s bajos. En las circunstancias de este problema, la capacidad de este exploit est\u00e1 limitada por la necesidad de realizar varias escrituras de archivos y directorios al sistema de archivos local y, por lo tanto, no es posible en un ataque est\u00e1ndar de tipo drive-by."
}
],
"id": "CVE-2017-13681",
"lastModified": "2024-11-21T03:11:25.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-06T23:29:00.250",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101504"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "secure@symantec.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-12 03:59
Modified
2024-11-21 02:38
Severity ?
Summary
Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "006928A6-8869-4665-B487-7EB8104C8F9B",
"versionEndIncluding": "12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492."
},
{
"lang": "es",
"value": "Vulnerabilidad de b\u00fasqueda de ruta no confiable en el cliente en Symantec Endpoint Protection (SEP) 12.1 en versiones anteriores a 12.1-RU6-MP3 permite a usuarios locales obtener privilegios a trav\u00e9s de un Troyano DLL en un paquete de instalaci\u00f3n en el cliente. NOTA: \u00e9sta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2015-1492."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/426.html\"\u003eCWE-426: Untrusted Search Path\u003c/a\u003e",
"id": "CVE-2015-8113",
"lastModified": "2024-11-21T02:38:02.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-12T03:59:09.517",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/77585"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/77585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-11-15 18:15
Modified
2024-11-21 04:23
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 14.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E01DC1B-3D3D-4791-9668-29142FF2181B",
"versionEndIncluding": "14.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a la versi\u00f3n 14.2 RU2, puede ser susceptible a una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo sin firmar, lo que puede permitir a un individuo ejecutar c\u00f3digo sin una firma digital apropiada residente."
}
],
"id": "CVE-2019-12758",
"lastModified": "2024-11-21T04:23:30.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T18:15:10.860",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/91438 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1036198 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1036199 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91438 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036198 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036199 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un archivo CAB manipulado que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-2211",
"lastModified": "2024-11-21T02:48:03.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:04.730",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91438"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to "two parsing errors."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | norton_360 | 1.0 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005_contains_nav_11.0.0 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2007 | |
| symantec | norton_internet_security | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1EF45-537A-4656-BDE8-FA9383A75676",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:anti_spyware:*:*:*:*:*",
"matchCriteriaId": "803641B7-E099-4CE8-B805-DBB338479E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FE1A0A-4352-459A-892D-29AB14AA3B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en ccLgView.exe en Symantec Log Viewer, utilizado en Symantec AntiVirus (SAV), anterior a v10.1 MR8, Symantec Endpoint Protection (SEP) v11.0 anteriores a v11.0 MR1, Norton 360 v1.0, y Norton Internet Security 2005 hasta 2008, permite a atacantes remotos inyectar HTML o scripts web arbitrarios a su elecci\u00f3n a trav\u00e9s de un mensaje de correo electr\u00f3nico elaborado ,relacionadas con \"dos errores de an\u00e1lisis sint\u00e1ctico.\""
}
],
"id": "CVE-2009-1428",
"lastModified": "2024-11-21T01:02:26.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-29T15:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54132"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34936"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ahnlab | v3_internet_security | 2011.01.18.00 | |
| aladdin | esafe | 7.0.17.0 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| cat | quick_heal | 11.00 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ZIP en AhnLab V3 Internet Security v2011.01.18.00, AVG Anti-Virus v10.0.0.1190, Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) v11.00, a-squared Anti-Malware v5.1.0.1, eSafe v7.0.17.0, Fortinet Antivirus v4.2.254.0, Ikarus Virus Utilities T3 esc\u00e1ner de l\u00ednea de comandos v1.1.97.0, Jiangmin Antivirus v13.0.900, Kaspersky Anti-Virus v7.0.0.125, Norman Antivirus v6.6.12, Sophos Anti-Virus v4.61.0, y AVEngine v20101.3.0.103 de Symantec Endpoint Protection v11 permite a los atacantes remotos eludir la detecci\u00f3n de malware a trav\u00e9s de un archivo ZIP que contiene un bloque de datos no v\u00e1lido en el cominezo. NOTA: esto m\u00e1s tarde se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones de \u00e1rea del analizador."
}
],
"id": "CVE-2012-1462",
"lastModified": "2024-11-21T01:37:02.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.707",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52613"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52613"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74310"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-15 19:55
Modified
2024-11-21 01:24
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS en el Web Interface en el Endpoint Protection Manager en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.6300 permite a atacantes remotos inyectar c\u00f3digo script de su elecci\u00f3n o HTML a trav\u00e9s del (1) token de par\u00e1metro portal/Help.jsp o (2) la URI en una petici\u00f3n console/apps/sepm."
}
],
"id": "CVE-2011-0550",
"lastModified": "2024-11-21T01:24:16.447",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-08-15T19:55:03.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43662"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025919"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/74465"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/74466"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/48231"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43662"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/74465"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/74466"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69136"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-23 21:55
Modified
2024-11-21 01:34
Severity ?
Summary
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 | |
| symantec | network_access_control | 11.0.6000 | |
| symantec | network_access_control | 11.0.6100 | |
| symantec | network_access_control | 11.0.6200 | |
| symantec | network_access_control | 11.0.6300 | |
| symantec | network_access_control | 11.0.7000 | |
| symantec | network_access_control | 11.0.7100 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "FCFCFC06-BB3E-4EC0-99A6-B617988A5570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "3930F533-D9CF-41E9-A5F4-551874C780BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "009B26A2-7096-42B9-910D-3CC296FFF8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "F364C90E-F794-4A9C-981F-87EF54A2F81A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "639C9956-5510-48C0-97F6-236C1DEB6045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFBF60-F92C-45A7-A142-88C688E1F307",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.710x y Symantec Network Access Control (SNAC) v11.0.600x hasta v11.0.710x, permite a usuarios locales obtener privilegios, y modificar los datos o causar una denegaci\u00f3n de servicio, a trav\u00e9s de un script malicioso."
}
],
"id": "CVE-2012-0289",
"lastModified": "2024-11-21T01:34:43.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-23T21:55:01.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2024-11-21 01:11
Severity ?
Summary
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C311B10-D660-4F50-828D-6D2CDBE550BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
"matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en un control ActiveX en el proxy de cliente de Symantec (CLIproxy.dll) en Symantec AntiVirus v10.0.x, v10.1.x anterior a MR9 y v10.2.x anterior a MR4 y Symantec Client Security v3.0.x y v3.1.x anterior a MR9 podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionados con un proxy."
}
],
"id": "CVE-2010-0108",
"lastModified": "2024-11-21T01:11:32.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-19T17:30:00.690",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38651"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-25 20:29
Modified
2024-11-21 03:55
Severity ?
Summary
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/107994 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107994 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:windows:*:*",
"matchCriteriaId": "D5DDAD68-240B-4369-8D7D-B10239C54747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:windows:*:*",
"matchCriteriaId": "3D9F3D24-2F6B-4DBB-9BAD-B675F531B9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:windows:*:*",
"matchCriteriaId": "69DA24CB-9464-4DBA-9757-CBF3253D324C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:windows:*:*",
"matchCriteriaId": "5708D207-5F1E-4CC5-89B0-9872F8021736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:windows:*:*",
"matchCriteriaId": "DA616B75-7FAA-4DFF-9E3C-9BF05D90C4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:windows:*:*",
"matchCriteriaId": "F728FD54-72A2-4C64-8EBA-AB516AFEB930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:windows:*:*",
"matchCriteriaId": "C7D78695-4229-4163-A937-30B0FB97568A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:windows:*:*",
"matchCriteriaId": "665E9936-F11A-47C2-9919-7B9F236ED003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "5EA8075B-DF2C-4A6C-B30D-405196C0E15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:windows:*:*",
"matchCriteriaId": "506BD1F7-0B85-4DD2-A56B-6D84ECC1598B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:windows:*:*",
"matchCriteriaId": "46D9A4AF-B880-4AA3-B5A9-FB2F67AD8CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:windows:*:*",
"matchCriteriaId": "56382DCA-103C-4833-A950-6DB90102F208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:windows:*:*",
"matchCriteriaId": "E0591908-0AD7-4DE6-B28D-DFA9CA6C29A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "85E4AE96-9917-4674-B08D-B8B5DEADB58D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:windows:*:*",
"matchCriteriaId": "E5DB21D2-0ACD-468B-8144-10FCD7DCB428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:windows:*:*",
"matchCriteriaId": "E9AD8898-62A9-40D1-9FA2-D980D5BB41DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:windows:*:*",
"matchCriteriaId": "FC5F57A5-EAE3-4553-98C1-38C11C04D178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ry7-mp3:*:*:*:windows:*:*",
"matchCriteriaId": "76D3A7B5-3151-4442-B256-A60BC5A7915E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "CD6A8A38-4199-4E73-894F-BA388FCA20EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:windows:*:*",
"matchCriteriaId": "BF0DBAF4-95F3-4AA9-B9E6-4E9D9EEC56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "04378076-3B34-4F9F-AFE3-F740D6770C86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:windows:*:*",
"matchCriteriaId": "63A3DDBE-9B09-44E3-A899-6F0C9C88CDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "BD6EA05C-1748-4143-93A9-8CE5B336EA21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:windows:*:*",
"matchCriteriaId": "505C8AD8-E527-49F9-96AE-B9DAE32A634B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:windows:*:*",
"matchCriteriaId": "E07ABDF7-6A4D-4CB1-8CA1-1708F25B89B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "8941F807-54BA-491B-B001-EC37843BAAB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:windows:*:*",
"matchCriteriaId": "29A8D0C5-9389-4340-879A-033ED39D6A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:windows:*:*",
"matchCriteriaId": "BA24E896-329C-41DC-AF82-50D8479DE874",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:windows:*:*",
"matchCriteriaId": "3C615B28-E03C-4DDC-A669-BADE920C0213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:windows:*:*",
"matchCriteriaId": "E63D215D-0861-4128-9CDC-03ACF0B7BDFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:windows:*:*",
"matchCriteriaId": "E5810456-C8B7-4716-8836-8C23CF0D8503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:windows:*:*",
"matchCriteriaId": "C9FEE5B1-CBF7-491E-B818-360C70EE6E1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp10:*:*:*:windows:*:*",
"matchCriteriaId": "931383D4-DE13-4E90-B9D3-EDAA157E9A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:windows:*:*",
"matchCriteriaId": "3C10597C-BC98-46DF-A264-C6F782E22256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:windows:*:*",
"matchCriteriaId": "8FB5E6EE-0336-4C51-A348-DF6669D424F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:windows:*:*",
"matchCriteriaId": "DCBEC4B9-10F8-48B8-BE07-9646F4D15CF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:windows:*:*",
"matchCriteriaId": "F7F7472F-8126-420C-B04E-112A01865804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:windows:*:*",
"matchCriteriaId": "309BB292-60D3-4D6A-A9EB-B1741A202162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:windows:*:*",
"matchCriteriaId": "57354358-0C2D-4DE4-BE79-1EA80A20517C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:windows:*:*",
"matchCriteriaId": "737E64E5-3F7B-4C5D-B1AB-54241D9C8852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:windows:*:*",
"matchCriteriaId": "DD3E3D04-80C5-46B6-A1AC-EF0AA15F9CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14:mp1:*:*:*:windows:*:*",
"matchCriteriaId": "FE526090-27CE-4CA8-84FD-37973B75BE28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:windows:*:*",
"matchCriteriaId": "4853BEBB-F207-489E-ABEB-AE2A8AEC2086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:*:*:*:*:windows:*:*",
"matchCriteriaId": "E86D69CD-40A6-4F8E-8B07-41D6E3B8FD32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:windows:*:*",
"matchCriteriaId": "4C30BA87-1FD2-4CBE-AC8B-AA57B9AA91D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:windows:*:*",
"matchCriteriaId": "F3A02563-3A73-44E9-8169-5904B93CEB12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "D088B925-70DF-4CA1-B840-81C10F52049A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:windows:*:*",
"matchCriteriaId": "901E887F-74DA-457B-A124-F3692CE76209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:nis-22.15.2.22:*:*:*:small_business:*:*:*",
"matchCriteriaId": "F562DF12-99D5-4111-9CD6-D1E5B7920225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:sep-12.1.7484.7002:*:*:*:small_business:*:*:*",
"matchCriteriaId": "33FAAF42-04C9-430C-8C9A-F707AB6B469C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31AFAAF0-ED33-4C9E-9708-456766A8A61F",
"versionEndExcluding": "22.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud_agent:*:*:*:*:small_business:*:*:*",
"matchCriteriaId": "5B36DE59-81E1-4800-96CB-C9281C15E2F5",
"versionEndExcluding": "3.00.31.2817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "C5C50AD8-9816-4DDE-B8A7-1243BF2E56BF",
"versionEndExcluding": "22.16.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory."
},
{
"lang": "es",
"value": "Symantec Norton Security, versiones anteriores a 22.16.3, SEP (cliente Windows) versiones anteriores e incluyendo a 12.1 RU6 MP9 y anteriores a 14.2 RU1, SEP SBE anteriores a Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 y SEP Cloud en versiones anteriores a 22.16.3 pueden ser susceptibles a una revelaci\u00f3n de la memoria del n\u00facleo, que es un tipo de problema en el que una petici\u00f3n IRP especialmente dise\u00f1ada puede hacer que el controlador devuelva la memoria no inicializada."
}
],
"id": "CVE-2018-18366",
"lastModified": "2024-11-21T03:55:48.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-25T20:29:02.177",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107994"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107994"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-908"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-20 20:59
Modified
2024-11-21 02:20
Severity ?
Summary
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5C31-59F3-48DC-A9B6-AC616344EAE8",
"versionEndIncluding": "12.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de b\u00fasqueda de ruta no confiable en el componente Manager en Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1.6, permite a usuarios locales obtener privilegios a trav\u00e9s de un Troyano DLL en un directorio no especificado."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/426.html\"\u003eCWE-426: Untrusted Search Path\u003c/a\u003e",
"id": "CVE-2014-9227",
"lastModified": "2024-11-21T02:20:26.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-09-20T20:59:00.103",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/75203"
},
{
"source": "secure@symantec.com",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| antiy | avl_sdk | 2.0.3.7 | |
| avira | antivir | 7.11.1.163 | |
| cat | quick_heal | 11.00 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| pc_tools | pc_tools_antivirus | 7.0.3.5 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \\50\\4B\\03\\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador sint\u00e1ctico de ficheros TAR en Avira AntiVir v7.11.1.163, Antiy Labs AVL SDK v2.0.3.7, Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) v11.00, Emsisoft Anti-Malware v5.1.0.1, Fortinet Antivirus v4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner v1.1.97.0, Jiangmin Antivirus v13.0.900, Kaspersky Anti-Virus v7.0.0.125, McAfee Anti-Virus Scanning Engine v5.400.0.1158, McAfee Gateway (formalmente Webwasher) v2010.1C, NOD32 Antivirus v5795, Norman Antivirus v6.06.12, PC Tools AntiVirus v7.0.3.5, AVEngine v20101.3.0.103 en Symantec Endpoint Protection v11, Trend Micro AntiVirus v9.120.0.1004, y Trend Micro HouseCall v9.120.0.1004 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un fichero POSIX TAR con la siguiente secuencia de caracteres \\50\\4B\\03\\04. NOTA: Esto se puede dividir despu\u00e9s en varios CVEs si se publicara informaci\u00f3n mostrando el error que producir\u00eda en distintas implementaciones de analizadores sint\u00e1cticos."
}
],
"id": "CVE-2012-1425",
"lastModified": "2024-11-21T01:36:57.320",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.397",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
},
{
"lang": "es",
"value": "Desbordamiento m\u00faltiple de b\u00fafer basado en pila en IAO.EXE en el Intel Alert Originator Service en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anterior a v9.0 MR7, v10.0 y v10.1 anterior a v10.1 MR8, y v10.2 anterior a v10.2 MR2; Symantec Client Security (SCS) v2 anterior a v2.0 MR7 y v3 anterior a v3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a v11.0 MR3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) un paquete elaborado o (2) los datos que aparentemente se reciban a del proceso MsgSys.exe."
}
],
"id": "CVE-2009-1430",
"lastModified": "2024-11-21T01:02:26.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-06 19:55
Modified
2024-11-21 02:08
Severity ?
Summary
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 12.0 | |
| symantec | endpoint_protection | 12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*",
"matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el controlador sysplant en Symantec Endpoint Protection (SEP) Client 11.x y 12.x anterior a 12.1 RU4 MP1b, y Small Business Edition anterior a SEP 12.1, permite a usuarios locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de un argumento largo en una llamada 0x00222084 IOCTL."
}
],
"id": "CVE-2014-3434",
"lastModified": "2024-11-21T02:08:05.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-06T19:55:03.557",
"references": [
{
"source": "secure@symantec.com",
"url": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html"
},
{
"source": "secure@symantec.com",
"url": "http://secunia.com/advisories/58996"
},
{
"source": "secure@symantec.com",
"url": "http://secunia.com/advisories/59697"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/34272"
},
{
"source": "secure@symantec.com",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252068"
},
{
"source": "secure@symantec.com",
"url": "http://www.osvdb.org/109663"
},
{
"source": "secure@symantec.com",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/68946"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00"
},
{
"source": "secure@symantec.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/34272"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/252068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/109663"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/68946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95062"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-29 14:29
Modified
2024-11-21 03:44
Severity ?
Summary
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/105917 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105917 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection_cloud | * | |
| symantec | norton_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B467107-F1B4-4D10-B10F-18A947F92B09",
"versionEndExcluding": "12.1.7454.7000",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869AF0C2-7774-48EC-B06B-733A6C5B75F3",
"versionEndIncluding": "14.2",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "938F1785-00BE-4894-A646-EC17871E47F6",
"versionEndExcluding": "22.15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF904CE1-9060-49E7-B53E-0BD8DF7723D7",
"versionEndExcluding": "22.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
},
{
"lang": "es",
"value": "Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 pueden ser susceptibles a un problema de omisi\u00f3n de antivirus, que es un tipo de explotaci\u00f3n que sirve para eludir uno de los motores de detecci\u00f3n de virus y as\u00ed evitar un tipo de protecci\u00f3n antivirus espec\u00edfico. Uno de los motores antivirus depende de un patr\u00f3n de firma de una base de datos para identificar archivos maliciosos y virus; la explotaci\u00f3n de omisi\u00f3n de antivirus busca alterar el archivo que se est\u00e1 analizando para que no sea detectado."
}
],
"id": "CVE-2018-12238",
"lastModified": "2024-11-21T03:44:50.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-29T14:29:00.250",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105917"
},
{
"source": "secure@symantec.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-11-29 14:29
Modified
2024-11-21 03:44
Severity ?
Summary
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/105918 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105918 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection_cloud | * | |
| symantec | norton_antivirus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B467107-F1B4-4D10-B10F-18A947F92B09",
"versionEndExcluding": "12.1.7454.7000",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869AF0C2-7774-48EC-B06B-733A6C5B75F3",
"versionEndIncluding": "14.2",
"versionStartIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "938F1785-00BE-4894-A646-EC17871E47F6",
"versionEndExcluding": "22.15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF904CE1-9060-49E7-B53E-0BD8DF7723D7",
"versionEndExcluding": "22.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
},
{
"lang": "es",
"value": "Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 puede ser susceptible a un problema de omisi\u00f3n de antivirus, que es un tipo de explotaci\u00f3n que sirve para eludir uno de los motores de detecci\u00f3n de virus y as\u00ed evitar un tipo de protecci\u00f3n antivirus espec\u00edfico. Uno de los motores antivirus depende de un patr\u00f3n de firma de una base de datos para identificar archivos maliciosos y virus; la explotaci\u00f3n de omisi\u00f3n de antivirus busca alterar el archivo que se est\u00e1 analizando para que no sea detectado."
}
],
"id": "CVE-2018-12239",
"lastModified": "2024-11-21T03:44:50.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-29T14:29:00.297",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105918"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-18 20:55
Modified
2024-11-21 01:42
Severity ?
Summary
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.671:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0A9C72-FD2F-40F3-A094-58FC34F0857A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4D997D8A-C093-4250-9481-3ED28E541B4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*",
"matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:small_business:*:*:*:*:*",
"matchCriteriaId": "A89EF949-E330-4E70-BB93-AFE5E6F75120",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "La consola de administraci\u00f3n de Symantec Endpoint Protection (SEP) v11.0 antes de RU7-MP3 y v12.1 antes de RU2 y Symantec Endpoint Protection Small Business Edition v12.x antes de v12.1 RU2, no valida correctamente la entrada para secuencias de comandos PHP, lo que permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2012-4348",
"lastModified": "2024-11-21T01:42:43.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "MULTIPLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-18T20:55:01.227",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/56846"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027863"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027863"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
},
{
"lang": "es",
"value": "El LANDesk Common Base Agent (CBA) de Intel en Alert Management System 2 (AMS2) de Symantec, tal y como es usado en System Center (SSS) de Symantec; AntiVirus Server de Symantec; AntiVirus Central Quarantine Server de Symantec; Symantec AntiVirus (SAV) Corporate Edition versiones 9 anteriores a 9.0 MR7, versiones 10.0 y 10.1 anteriores a 10.1 MR8, y versiones 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) versiones 2 anteriores a 2.0 MR7 y versiones 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a versi\u00f3n 11.0 MR3, permite a atacantes remotos ejecutar comandos arbitrarios por medio de un paquete dise\u00f1ado cuyo contenido se interpreta como un comando para ser iniciado en un nuevo proceso mediante la funci\u00f3n CreateProcessA."
}
],
"id": "CVE-2009-1429",
"lastModified": "2024-11-21T01:02:26.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 16:29
Modified
2024-11-21 04:08
Severity ?
Summary
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/104199 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1041180 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/en_US/article.SYMSA1454.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104199 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/en_US/article.SYMSA1454.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 12.1 | |
| symantec | endpoint_protection | 14.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F067AB6-0BCB-45C5-B943-72DB624ADD93",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6mp10:*:*:*:*:*:*",
"matchCriteriaId": "CAFF743B-A076-4227-B1DF-C80D8E2AFC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0:ru1mp1:*:*:*:*:*:*",
"matchCriteriaId": "EA249060-8AD9-4718-89CE-77234FE341CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, en versiones anteriores a 14 RU1 MP1 o 12.1 RU6 MP10, podr\u00eda ser susceptible a una vulnerabilidad de escalado de privilegios. Este tipo de problema permite que un usuario obtenga accesos elevados a recursos que, normalmente, suelen estar protegidos en niveles de acceso m\u00e1s bajos."
}
],
"id": "CVE-2018-5237",
"lastModified": "2024-11-21T04:08:24.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T16:29:00.280",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-06-20 16:29
Modified
2024-11-21 04:08
Severity ?
Summary
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/104198 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1041180 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/en_US/article.SYMSA1454.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104198 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1041180 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/en_US/article.SYMSA1454.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 12.1 | |
| symantec | endpoint_protection | 14.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F067AB6-0BCB-45C5-B943-72DB624ADD93",
"versionEndIncluding": "14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6mp10:*:*:*:*:*:*",
"matchCriteriaId": "CAFF743B-A076-4227-B1DF-C80D8E2AFC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0:ru1mp1:*:*:*:*:*:*",
"matchCriteriaId": "EA249060-8AD9-4718-89CE-77234FE341CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection en versiones anteriores a la 14 RU1 MP1 o 12.1 RU6 MP10 podr\u00eda ser vulnerable a una condici\u00f3n de carrera may be susceptible to a race condition (o condici\u00f3n de secuencia). Este tipo de problema ocurre en software cuando la salida depende de la secuencia o de la sincronizaci\u00f3n de otros eventos que no pueden controlarse."
}
],
"id": "CVE-2018-5236",
"lastModified": "2024-11-21T04:08:23.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T16:29:00.217",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-25 19:29
Modified
2024-11-21 03:44
Severity ?
Summary
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory | |
| secure@symantec.com | https://www.securityfocus.com/bid/107999 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/107999 | Third Party Advisory, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:macos:*:*",
"matchCriteriaId": "A8A8E8C7-7764-4500-B43C-909B98CBA969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:macos:*:*",
"matchCriteriaId": "709E0F00-6004-4230-AA2E-AEB92CF47510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:macos:*:*",
"matchCriteriaId": "E903F167-3A44-4EB0-BCAF-C863F8A41DD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:macos:*:*",
"matchCriteriaId": "BA478022-5812-4A42-90B9-3B71EE228EE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:macos:*:*",
"matchCriteriaId": "A296C87D-A8A1-4062-959A-5C9B599EA33C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:macos:*:*",
"matchCriteriaId": "55B28F0F-FE43-49EB-AC85-6D2D0D44BA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:macos:*:*",
"matchCriteriaId": "CEEA6E9A-749A-4522-A863-922161294F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:macos:*:*",
"matchCriteriaId": "F2D88CB1-F85B-4748-8841-7BF640629393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:macos:*:*",
"matchCriteriaId": "F51FBC9D-DC97-4D7C-86E5-94754618BB77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:macos:*:*",
"matchCriteriaId": "FE14BAFD-6FF1-4331-A3B2-B4C950CA06FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:macos:*:*",
"matchCriteriaId": "85CB007A-ACCE-4686-8E90-31E3B082ACD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:macos:*:*",
"matchCriteriaId": "013A829A-8152-4894-B973-444E13CDE29B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:macos:*:*",
"matchCriteriaId": "AF5594FB-DA31-4A7B-8B90-C697182AF076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:macos:*:*",
"matchCriteriaId": "F7195A0A-0F18-4656-88F1-0E1D91D2B61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:macos:*:*",
"matchCriteriaId": "A8DFC842-93FF-4127-A51C-681B375AE68F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:macos:*:*",
"matchCriteriaId": "C7315DB1-E602-428E-ABB2-348592B6AE7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:macos:*:*",
"matchCriteriaId": "6F6A4FCD-11EA-4B0B-9365-B0EE33DC2830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ry7-mp3:*:*:*:macos:*:*",
"matchCriteriaId": "B60284AB-99C9-4C01-A922-C2390E3EEA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:macos:*:*",
"matchCriteriaId": "424BF82D-C5C6-443C-BA09-FFFB9C2AD6DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:macos:*:*",
"matchCriteriaId": "34EBB08C-E229-4912-A3EA-902741FB06CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:*:macos:*:*",
"matchCriteriaId": "DE256B6B-4659-4C5F-AB6D-E40EC1655965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:macos:*:*",
"matchCriteriaId": "6514C8BD-21B8-492D-8355-DC80A2B654BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:macos:*:*",
"matchCriteriaId": "24D20516-7157-41DA-B9BE-A6F63E9A9747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:macos:*:*",
"matchCriteriaId": "A4973190-0937-4755-BC62-51ECD0F1F504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:macos:*:*",
"matchCriteriaId": "CA51772D-6124-4912-8809-233FD099F18E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:macos:*:*",
"matchCriteriaId": "A756CC75-DBE3-4684-86C6-C7C0FE125CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:macos:*:*",
"matchCriteriaId": "03CBF80C-E1A3-45AC-8533-032F457DFB32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:macos:*:*",
"matchCriteriaId": "8258DAC4-06D6-400E-B495-D5CD8D7F7DC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:macos:*:*",
"matchCriteriaId": "85CA5B27-7C43-428D-ADD6-C328ECBCCFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:macos:*:*",
"matchCriteriaId": "198182A8-8C17-4857-9F86-716A55534D5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:macos:*:*",
"matchCriteriaId": "EF909ABB-DD72-4C5B-A6E5-907AFA0AF6B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:mac_os_x:*:*",
"matchCriteriaId": "8324432F-0C0E-430E-8968-939ABC77509C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp10:*:*:*:macos:*:*",
"matchCriteriaId": "D69E0630-5996-443B-B3ED-11989B9F0786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:macos:*:*",
"matchCriteriaId": "669932CB-FB88-464D-9C4C-87A2110A4858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:mac_os_x:*:*",
"matchCriteriaId": "E15367F1-2862-41C7-949F-2E73F20DD4ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:macos:*:*",
"matchCriteriaId": "CB162A18-8B37-4889-A323-0D193BF32054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:mac_os_x:*:*",
"matchCriteriaId": "6C946083-49DC-427F-A521-04BD35A145E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:macos:*:*",
"matchCriteriaId": "7D6E6D44-7525-4F24-AEC8-C68236FED9DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:macos:*:*",
"matchCriteriaId": "6E6C6EEA-EB45-400D-8C06-36F4B6148784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:macos:*:*",
"matchCriteriaId": "AC3590F2-D283-432A-931B-246A6749434C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:macos:*:*",
"matchCriteriaId": "F1CB8890-4908-406C-8361-017BD5775A8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14:mp1:*:*:*:macos:*:*",
"matchCriteriaId": "57A39944-B16B-439B-BEA5-8581C7F174A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:macos:*:*",
"matchCriteriaId": "53450424-1777-48DA-AD09-C87C68E137B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:*:*:*:*:macos:*:*",
"matchCriteriaId": "B4281F2E-A9BB-4361-A548-BB7B2A57DAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:macos:*:*",
"matchCriteriaId": "3BBE781F-7095-4FA6-AC9C-3F6566AC3CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:macos:*:*",
"matchCriteriaId": "525C399E-827F-4A35-A894-51992E467665",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:*:*:*:*:macos:*:*",
"matchCriteriaId": "FB0E93FC-B698-42B0-BF06-A3E42CE695D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:macos:*:*",
"matchCriteriaId": "8C705203-5A9B-434F-AC78-82D50292686E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files."
},
{
"lang": "es",
"value": "SEP (cliente Mac) versiones anteriores a la 12.1 incluida, RU6 MP9 en versiones anteriores a 14.2 RU1 puede ser susceptible a una vulnerabilidad de inyecci\u00f3n CSV/DDE (tambi\u00e9n conocida como formula injection), es un tipo de problema por el cual una aplicaci\u00f3n o sitio web permite la entrada de datos no confiables en los archivos CSV."
}
],
"id": "CVE-2018-12244",
"lastModified": "2024-11-21T03:44:51.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-25T19:29:00.283",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/107999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/107999"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-23 21:55
Modified
2024-11-21 01:34
Severity ?
Summary
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 12.1 | |
| symantec | endpoint_protection | 12.1.671 | |
| symantec | endpoint_protection | 12.1.1000 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.671:*:*:*:*:*:*:*",
"matchCriteriaId": "2E0A9C72-FD2F-40F3-A094-58FC34F0857A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "4D997D8A-C093-4250-9481-3ED28E541B4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294."
},
{
"lang": "es",
"value": "El servicio The Manager de la consola de administraci\u00f3n de Symantec Endpoint Protection (SEP) v12.1 anterior a 12.1 RU1-MP1 permite a atacantes remotos realizar ataques de inserci\u00f3n de archivos y ejecutar c\u00f3digo arbitrario mediante el aprovechamiento de la explotaci\u00f3n de CVE-2012-0294."
}
],
"id": "CVE-2012-0295",
"lastModified": "2024-11-21T01:34:44.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-23T21:55:01.130",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53183"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/53184"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/53184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2018-04-16 19:29
Modified
2024-11-21 03:00
Severity ?
Summary
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/96294 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1037961 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/96294 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1037961 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 | |
| symantec | endpoint_protection | 12.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "930EF2D4-C3F1-4A86-BD34-FE228D66BF05",
"versionEndIncluding": "12.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp5:*:*:*:*:*:*",
"matchCriteriaId": "D72DE621-13F0-4794-AF17-98D331B9F647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp6:*:*:*:*:*:*",
"matchCriteriaId": "8B93AD9D-B760-4E16-823F-F2D2D4E34F24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine."
},
{
"lang": "es",
"value": "Una versi\u00f3n del controlador SymEvent que se distribuye con Symantec Endpoint Protection 12.1 RU6 MP6 y anteriores no sanea correctamente las entradas de un usuario que haya iniciado sesi\u00f3n. SEP 14.0 y siguientes no se ha visto afectado por este problema. Un usuario no administrativo tendr\u00eda que ser capaz de guardar un archivo ejecutable en el disco y, despu\u00e9s, ejecutarlo con \u00e9xito. Si se construye correctamente, el archivo podr\u00eda acceder a la interfaz del controlador y manipular ciertas llamadas del sistema. En todos los sistemas de 32 bits y, en la mayor\u00eda de casos, en sistemas de 64 bits, esto resultar\u00e1 en una denegaci\u00f3n de servicio (DoS) que provocar\u00e1 el cierre inesperado del sistema. En circunstancias muy concretas, y solo en sistemas de 64 bits, esto podr\u00eda permitir que el usuario ejecute c\u00f3digo arbitrario en la m\u00e1quina local con privilegios de nivel de kernel. Esto podr\u00eda resultar en que un usuario no privilegiado obtenga acceso privilegiado en la m\u00e1quina local."
}
],
"id": "CVE-2016-9093",
"lastModified": "2024-11-21T03:00:35.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-16T19:29:00.247",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96294"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/96294"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-20 20:59
Modified
2024-11-21 02:20
Severity ?
Summary
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02DD5C31-59F3-48DC-A9B6-AC616344EAE8",
"versionEndIncluding": "12.1.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL m\u00faltiple en la interfaz de scripts PHP en el componente Manager en Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1.6, permite a usuarios remotos autenticados ejecutar comandos SQL arbitrarios mediante el aprovechamiento del rol Limited Administrator."
}
],
"id": "CVE-2014-9229",
"lastModified": "2024-11-21T02:20:26.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-20T20:59:02.917",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/75204"
},
{
"source": "secure@symantec.com",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-25 17:29
Modified
2024-11-21 03:55
Severity ?
Summary
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/107997 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107997 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.symantec.com/en_US/article.SYMSA1479.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | nis-22.15.2.22 | |
| symantec | endpoint_protection | sep-12.1.7484.7002 | |
| symantec | endpoint_protection_cloud | * | |
| symantec | endpoint_protection_cloud_agent | * | |
| symantec | norton_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:nis-22.15.2.22:*:*:*:small_business:*:*:*",
"matchCriteriaId": "F562DF12-99D5-4111-9CD6-D1E5B7920225",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:sep-12.1.7484.7002:*:*:*:small_business:*:*:*",
"matchCriteriaId": "33FAAF42-04C9-430C-8C9A-F707AB6B469C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "31AFAAF0-ED33-4C9E-9708-456766A8A61F",
"versionEndExcluding": "22.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud_agent:*:*:*:*:small_business:*:*:*",
"matchCriteriaId": "5B36DE59-81E1-4800-96CB-C9281C15E2F5",
"versionEndExcluding": "3.00.31.2817",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:windows:*:*",
"matchCriteriaId": "C5C50AD8-9816-4DDE-B8A7-1243BF2E56BF",
"versionEndExcluding": "22.16.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 \u0026 SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead."
},
{
"lang": "es",
"value": "Norton Security (cliente de Windows) anterior a la versi\u00f3n 22.16.3 y SEP SBE (cliente de Windows) anterior a las versiones Cloud Agent 3.00.31.2817, NIS-22.15.2.22 y SEP-12.1.7484.7002, puede ser susceptible a una vulnerabilidad de precarga de DLL, que es un tipo de problema que puede presentarse cuando una aplicaci\u00f3n busca llamar a una DLL para su ejecuci\u00f3n y un atacante suministra una DLL maliciosa para usar en su lugar."
}
],
"id": "CVE-2018-18369",
"lastModified": "2024-11-21T03:55:48.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-25T17:29:00.317",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107997"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/107997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en veriones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1; y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (violaci\u00f3n de acceso a memoria) a trav\u00e9s de un archivo ZIP que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-3646",
"lastModified": "2024-11-21T02:50:27.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:07.763",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40036/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40036/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-11 18:15
Modified
2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5822",
"lastModified": "2024-11-21T05:34:38.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.747",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos RAR en ClamAV versi\u00f3n 0.96.4, Rising Antivirus versi\u00f3n 22.83.00.03, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, G Data AntiVirus versi\u00f3n 21, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Command Antivirus versi\u00f3n 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, PC Tools AntiVirus versi\u00f3n 7.0.3.5, F-Prot Antivirus versi\u00f3n 4.6.2.117, VirusBuster versi\u00f3n 13.6.151.0, Fortinet antivirus versi\u00f3n 4.2.254.0, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, K7 AntiVirus versi\u00f3n 9.77.3565, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, Kaspersky Antivirus versi\u00f3n 7.0.0.125, Jiangmin Antivirus versi\u00f3n 13.0.900, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, Sophos Anti-Virus versi\u00f3n 4.61.0, NOD32 Antivirus versi\u00f3n 5795, Avira AntiVir versi\u00f3n 7.11.1.163, Norman Antivirus versi\u00f3n 6.06.12, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, Panda Antivirus versi\u00f3n 10.0.2.7, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Comodo Antivirus versi\u00f3n 7424, Bitdefender versi\u00f3n 7.2, eSafe versi\u00f3n 7.0.17.0, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, nProtect Versi\u00f3n antivirus 2011-01-17.01, AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, AVG Anti-Virus versi\u00f3n 10.0.0.1190, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, y VBA32 versi\u00f3n 3.12.14.2, permite a los atacantes remotos asistidos por el usuario omitir la detecci\u00f3n de malware por medio de un archivo RAR con una inicial Secuencia de caracteres MZ. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador RAR."
}
],
"id": "CVE-2012-1443",
"lastModified": "2024-11-21T01:36:59.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80454"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80455"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80456"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80457"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80458"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80459"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80460"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80461"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80467"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80468"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80469"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80471"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80472"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52612"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-10 16:47
Modified
2024-11-21 01:56
Severity ?
Summary
The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 | |
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87524517-D50E-4DA8-8EDC-395E1866BD59",
"versionEndIncluding": "11.0.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors."
},
{
"lang": "es",
"value": "El componente Application/Device Control (ADC) del cliente de Symantec Endpoint Protection (SEP) 11.x anteriores a 11.0.7.4 y 12.x anteriores a 12.1.2 RU2 y Endpoint Protection Small Business Edition 12.x anteriores a 12.1.2 RU2 no maneja apropiadamente politicas personalizadas, lo cual permite a usuarios locales sortear pol\u00edticas de restricci\u00f3n y acceder a archivos o directorios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-5010",
"lastModified": "2024-11-21T01:56:53.547",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-10T16:47:05.130",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/64129"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "secure@symantec.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64129"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-10 16:47
Modified
2024-11-21 01:56
Severity ?
Summary
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 | |
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "87524517-D50E-4DA8-8EDC-395E1866BD59",
"versionEndIncluding": "11.0.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory."
},
{
"lang": "es",
"value": "Vulnerabilidad unquoted Windows search path en el cliente de Symantec Endpoint Protection (SEP) 11.x anteriores a 11.0.7.4 y 12.x anteriores a 12.1.2 RU2 y Endpoint Protection Small Business Edition 12.x anteriores a 12.1.2 RU2 permite a usuarios locales obtener privilegios a trav\u00e9s de un programa manipulado en el directorio %SYSTEMDRIVE%."
}
],
"id": "CVE-2013-5011",
"lastModified": "2024-11-21T01:56:53.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-10T16:47:05.160",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/64130"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "secure@symantec.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90226"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/64130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90226"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2018-5237
Vulnerability from cvelistv5
Published
2018-06-20 16:00
Modified
2024-09-17 00:30
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104199 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1041180 | vdb-entry, x_refsource_SECTRACK | |
| https://support.symantec.com/en_US/article.SYMSA1454.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection |
Version: Prior to 14 RU1 MP1 or 12.1 RU6 MP10 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:43.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104199",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104199"
},
{
"name": "1041180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 14 RU1 MP1 or 12.1 RU6 MP10"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T09:57:02",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "104199",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104199"
},
{
"name": "1041180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2018-06-20T00:00:00",
"ID": "CVE-2018-5237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14 RU1 MP1 or 12.1 RU6 MP10"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104199"
},
{
"name": "1041180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041180"
},
{
"name": "https://support.symantec.com/en_US/article.SYMSA1454.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-5237",
"datePublished": "2018-06-20T16:00:00Z",
"dateReserved": "2018-01-05T00:00:00",
"dateUpdated": "2024-09-17T00:30:52.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5010
Vulnerability from cvelistv5
Published
2014-01-10 16:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/64129 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90225 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "64129",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64129"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135010-sec-bypass(90225)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "64129",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64129"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135010-sec-bypass(90225)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2013-5010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "64129",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64129"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135010-sec-bypass(90225)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90225"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2013-5010",
"datePublished": "2014-01-10T16:00:00",
"dateReserved": "2013-07-29T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5824
Vulnerability from cvelistv5
Published
2020-02-11 17:07
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:04",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5824",
"datePublished": "2020-02-11T17:07:04",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1461
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80502 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52626 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80504 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80506 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80500 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80505 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80501 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80503 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80510 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80502",
"refsource": "OSVDB",
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"refsource": "OSVDB",
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"refsource": "OSVDB",
"url": "http://osvdb.org/80506"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"refsource": "OSVDB",
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"refsource": "OSVDB",
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"refsource": "OSVDB",
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"refsource": "OSVDB",
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"refsource": "OSVDB",
"url": "http://osvdb.org/80510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1461",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12238
Vulnerability from cvelistv5
Published
2018-11-29 14:00
Modified
2024-08-05 08:30
Severity ?
EPSS score ?
Summary
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105917 | vdb-entry, x_refsource_BID | |
| https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud) |
Version: Prior to 22.15 [Norton] Version: Prior to 12.1.7454.7000 & 14.2 [Symantec Endpoint Protection (SEP)] Version: Prior to NIS-22.15.1.8 & SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)] Version: Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)] |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:58.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105917"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud)",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 22.15 [Norton]"
},
{
"status": "affected",
"version": "Prior to 12.1.7454.7000 \u0026 14.2 [Symantec Endpoint Protection (SEP)]"
},
{
"status": "affected",
"version": "Prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)]"
},
{
"status": "affected",
"version": "Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)]"
}
]
}
],
"datePublic": "2018-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "AV Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "105917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105917"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-12238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud)",
"version": {
"version_data": [
{
"version_value": "Prior to 22.15 [Norton]"
},
{
"version_value": "Prior to 12.1.7454.7000 \u0026 14.2 [Symantec Endpoint Protection (SEP)]"
},
{
"version_value": "Prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)]"
},
{
"version_value": "Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)]"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "AV Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105917"
},
{
"name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-12238",
"datePublished": "2018-11-29T14:00:00",
"dateReserved": "2018-06-12T00:00:00",
"dateUpdated": "2024-08-05T08:30:58.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9229
Vulnerability from cvelistv5
Published
2015-09-20 20:00
Modified
2024-08-06 13:40
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75204 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032616 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.717Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "75204",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75204"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032616"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-22T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "75204",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75204"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032616"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2014-9229",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "75204",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75204"
},
{
"name": "1032616",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032616"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2014-9229",
"datePublished": "2015-09-20T20:00:00",
"dateReserved": "2014-12-03T00:00:00",
"dateUpdated": "2024-08-06T13:40:24.717Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1429
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/1204 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1022132 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022130 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50176 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34671 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34856 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/54157 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1022131 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/8346 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34671"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"refsource": "OSVDB",
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1429",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12756
Vulnerability from cvelistv5
Published
2019-11-15 16:58
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1488.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) |
Version: prior to 14.2 RU2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:55.148Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 14.2 RU2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Password Protection Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T16:58:23",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12756",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP)",
"version": {
"version_data": [
{
"version_value": "prior to 14.2 RU2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Password Protection Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1488.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12756",
"datePublished": "2019-11-15T16:58:23",
"dateReserved": "2019-06-06T00:00:00",
"dateUpdated": "2024-08-04T23:32:55.148Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9227
Vulnerability from cvelistv5
Published
2015-09-20 20:00
Modified
2024-08-06 13:40
Severity ?
EPSS score ?
Summary
Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032616 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75203 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:25.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75203",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-22T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75203",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2014-9227",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75203",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2014-9227",
"datePublished": "2015-09-20T20:00:00",
"dateReserved": "2014-12-03T00:00:00",
"dateUpdated": "2024-08-06T13:40:25.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9094
Vulnerability from cvelistv5
Published
2018-04-16 18:00
Modified
2024-09-16 17:18
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/96298 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037961 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Endpoint Protection |
Version: Prior to SEP 14.0 MP1 & SEP 12.1 RU6 MP7 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.411Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96298",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96298"
},
{
"name": "1037961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to SEP 14.0 MP1 \u0026 SEP 12.1 RU6 MP7"
}
]
}
],
"datePublic": "2017-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Formula Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-17T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "96298",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96298"
},
{
"name": "1037961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-04-06T00:00:00",
"ID": "CVE-2016-9094",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to SEP 14.0 MP1 \u0026 SEP 12.1 RU6 MP7"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Formula Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96298"
},
{
"name": "1037961",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037961"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-9094",
"datePublished": "2018-04-16T18:00:00Z",
"dateReserved": "2016-10-28T00:00:00",
"dateUpdated": "2024-09-16T17:18:11.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3268
Vulnerability from cvelistv5
Published
2010-12-22 20:00
Modified
2024-08-07 03:03
Severity ?
EPSS score ?
Summary
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/515191/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/43099 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2010/3206 | vdb-entry, x_refsource_VUPEN | |
| http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos | x_refsource_MISC | |
| http://secunia.com/advisories/42593 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1024866 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64028 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/45936 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2011/0234 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"name": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3268",
"datePublished": "2010-12-22T20:00:00",
"dateReserved": "2010-09-09T00:00:00",
"dateUpdated": "2024-08-07T03:03:18.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5823
Vulnerability from cvelistv5
Published
2020-02-11 17:04
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:40",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5823",
"datePublished": "2020-02-11T17:04:40",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1430
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1430",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1462
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74310 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/52613 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-zip-file-evasion(74310)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74310"
},
{
"name": "52613",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52613"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-zip-file-evasion(74310)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74310"
},
{
"name": "52613",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52613"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1462",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "multiple-av-zip-file-evasion(74310)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74310"
},
{
"name": "52613",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52613"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1462",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1821
Vulnerability from cvelistv5
Published
2012-05-24 00:00
Modified
2024-08-06 19:08
Severity ?
EPSS score ?
Summary
The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/82147 | vdb-entry, x_refsource_OSVDB | |
| http://www.kb.cert.org/vuls/id/149070 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1027092 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/49221 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/50358 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:08:38.505Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "82147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/82147"
},
{
"name": "VU#149070",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/149070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00"
},
{
"name": "1027092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027092"
},
{
"name": "49221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/49221"
},
{
"name": "50358",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50358"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T20:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "82147",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/82147"
},
{
"name": "VU#149070",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/149070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00"
},
{
"name": "1027092",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027092"
},
{
"name": "49221",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/49221"
},
{
"name": "50358",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50358"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-1821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "82147",
"refsource": "OSVDB",
"url": "http://osvdb.org/82147"
},
{
"name": "VU#149070",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/149070"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_00"
},
{
"name": "1027092",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027092"
},
{
"name": "49221",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49221"
},
{
"name": "50358",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50358"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-1821",
"datePublished": "2012-05-24T00:00:00",
"dateReserved": "2012-03-21T00:00:00",
"dateUpdated": "2024-08-06T19:08:38.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0289
Vulnerability from cvelistv5
Published
2012-05-23 21:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/51795 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1027093 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:29.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027093"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0289",
"datePublished": "2012-05-23T21:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:29.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5820
Vulnerability from cvelistv5
Published
2020-02-11 17:01
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:01:32",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5820",
"datePublished": "2020-02-11T17:01:32",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0550
Vulnerability from cvelistv5
Published
2011-08-15 19:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1025919 | vdb-entry, x_refsource_SECTRACK | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00 | x_refsource_CONFIRM | |
| http://www.osvdb.org/74466 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/69136 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/48231 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/43662 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/74465 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:25.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "74466",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/74466"
},
{
"name": "symantec-endpoint-sepm-xss(69136)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69136"
},
{
"name": "48231",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48231"
},
{
"name": "43662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43662"
},
{
"name": "74465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/74465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1025919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "74466",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/74466"
},
{
"name": "symantec-endpoint-sepm-xss(69136)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69136"
},
{
"name": "48231",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48231"
},
{
"name": "43662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43662"
},
{
"name": "74465",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/74465"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0550",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to portal/Help.jsp or (2) the URI in a console/apps/sepm request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025919",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025919"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "74466",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/74466"
},
{
"name": "symantec-endpoint-sepm-xss(69136)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69136"
},
{
"name": "48231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48231"
},
{
"name": "43662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43662"
},
{
"name": "74465",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/74465"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0550",
"datePublished": "2011-08-15T19:00:00",
"dateReserved": "2011-01-20T00:00:00",
"dateUpdated": "2024-08-06T21:58:25.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13680
Vulnerability from cvelistv5
Published
2017-11-06 23:00
Modified
2024-09-16 17:42
Severity ?
EPSS score ?
Summary
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101503 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039775 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection |
Version: Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:05:19.518Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101503"
},
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to SEP 12.1 RU6 MP9 \u0026 SEP 14 RU1"
}
]
}
],
"datePublic": "2017-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Prior to SEP 12.1 RU6 MP9 \u0026 SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product\u0027s UI to perform unauthorized file deletes on the resident file system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary File Deletion",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "101503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101503"
},
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-13680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to SEP 12.1 RU6 MP9 \u0026 SEP 14 RU1"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Prior to SEP 12.1 RU6 MP9 \u0026 SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product\u0027s UI to perform unauthorized file deletes on the resident file system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Deletion"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101503"
},
{
"name": "1039775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2017-13680",
"datePublished": "2017-11-06T23:00:00Z",
"dateReserved": "2017-08-24T00:00:00",
"dateUpdated": "2024-09-16T17:42:54.111Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1425
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80403 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80389 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80391 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80409 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80396 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80392 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80395 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.370Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \\50\\4B\\03\\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \\50\\4B\\03\\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1425",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.370Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2209
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/40037/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91436 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40037",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91436"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "40037",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91436"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40037",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91436"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2209",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5826
Vulnerability from cvelistv5
Published
2020-02-11 17:09
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:09:08",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5826",
"datePublished": "2020-02-11T17:09:08",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12757
Vulnerability from cvelistv5
Published
2019-11-15 17:37
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1488.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: prior to 14.2 RU2 & 12.1 RU6 MP10, prior to 12.1 RU6 MP10d (12.1.7510.7002) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:54.825Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 14.2 RU2 \u0026 12.1 RU6 MP10, prior to 12.1 RU6 MP10d (12.1.7510.7002)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T17:37:31",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP), Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "prior to 14.2 RU2 \u0026 12.1 RU6 MP10, prior to 12.1 RU6 MP10d (12.1.7510.7002)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP), prior to 14.2 RU2 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1488.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12757",
"datePublished": "2019-11-15T17:37:31",
"dateReserved": "2019-06-06T00:00:00",
"dateUpdated": "2024-08-04T23:32:54.825Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3646
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/91435 | vdb-entry, x_refsource_BID | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40036/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40036/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40036/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91435"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40036/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3646",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1443
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80472 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52612 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80467 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80461 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80470 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80460 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80468 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80456 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80457 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80458 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80454 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80455 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80459 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80469 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80471 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80471"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80472",
"refsource": "OSVDB",
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"refsource": "OSVDB",
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"refsource": "OSVDB",
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"refsource": "OSVDB",
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"refsource": "OSVDB",
"url": "http://osvdb.org/80460"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"refsource": "OSVDB",
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"refsource": "OSVDB",
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"refsource": "OSVDB",
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"refsource": "OSVDB",
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"refsource": "OSVDB",
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"refsource": "OSVDB",
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"refsource": "OSVDB",
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"refsource": "OSVDB",
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"refsource": "OSVDB",
"url": "http://osvdb.org/80471"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1443",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-18366
Vulnerability from cvelistv5
Published
2019-04-25 19:13
Modified
2024-08-05 11:08
Severity ?
EPSS score ?
Summary
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/en_US/article.SYMSA1479.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107994 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Symantec Corporation | Norton Security |
Version: Prior to 22.16.3 |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107994",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Security",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 22.16.3"
}
]
},
{
"product": "SEP (Windows client)",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to and including 12.1 RU6 MP9"
},
{
"status": "affected",
"version": "Prior to 14.2 RU1"
}
]
},
{
"product": "SEP SBE",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to Cloud Agent 3.00.31.2817"
},
{
"status": "affected",
"version": "NIS-22.15.2.22"
},
{
"status": "affected",
"version": "SEP-12.1.7484.7002"
}
]
},
{
"product": "SEP Cloud",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 22.16.3"
}
]
}
],
"datePublic": "2019-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Kernel memory disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-25T19:13:05",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107994",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-18366",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Security",
"version": {
"version_data": [
{
"version_value": "Prior to 22.16.3"
}
]
}
},
{
"product_name": "SEP (Windows client)",
"version": {
"version_data": [
{
"version_value": "Prior to and including 12.1 RU6 MP9"
},
{
"version_value": "Prior to 14.2 RU1"
}
]
}
},
{
"product_name": "SEP SBE",
"version": {
"version_data": [
{
"version_value": "Prior to Cloud Agent 3.00.31.2817"
},
{
"version_value": "NIS-22.15.2.22"
},
{
"version_value": "SEP-12.1.7484.7002"
}
]
}
},
{
"product_name": "SEP Cloud",
"version": {
"version_data": [
{
"version_value": "Prior to 22.16.3"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Kernel memory disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1479.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107994",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-18366",
"datePublished": "2019-04-25T19:13:05",
"dateReserved": "2018-10-15T00:00:00",
"dateUpdated": "2024-08-05T11:08:21.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3434
Vulnerability from cvelistv5
Published
2014-08-06 19:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140804_00 | x_refsource_CONFIRM | |
| http://www.osvdb.org/109663 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/68946 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95062 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/252068 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/58996 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/59697 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.exploit-db.com/exploits/34272 | exploit, x_refsource_EXPLOIT-DB | |
| http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.117Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00"
},
{
"name": "109663",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/109663"
},
{
"name": "68946",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68946"
},
{
"name": "symantec-endpoint-priv-escalation(95062)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95062"
},
{
"name": "VU#252068",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/252068"
},
{
"name": "58996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58996"
},
{
"name": "59697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59697"
},
{
"name": "34272",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/34272"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00"
},
{
"name": "109663",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/109663"
},
{
"name": "68946",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68946"
},
{
"name": "symantec-endpoint-priv-escalation(95062)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95062"
},
{
"name": "VU#252068",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/252068"
},
{
"name": "58996",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58996"
},
{
"name": "59697",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59697"
},
{
"name": "34272",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/34272"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2014-3434",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140804_00"
},
{
"name": "109663",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109663"
},
{
"name": "68946",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68946"
},
{
"name": "symantec-endpoint-priv-escalation(95062)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95062"
},
{
"name": "VU#252068",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/252068"
},
{
"name": "58996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58996"
},
{
"name": "59697",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59697"
},
{
"name": "34272",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/34272"
},
{
"name": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/127772/Symantec-Endpoint-Protection-11.x-12.x-Kernel-Pool-Overflow.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2014-3434",
"datePublished": "2014-08-06T19:00:00",
"dateReserved": "2014-05-09T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.117Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5836
Vulnerability from cvelistv5
Published
2020-05-11 19:23
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection |
Version: Prior to 14.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:23:11",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5836",
"datePublished": "2020-05-11T19:23:11",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5309
Vulnerability from cvelistv5
Published
2017-04-14 18:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036848 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/92868 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/40405/ | exploit, x_refsource_EXPLOIT-DB | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=867 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1036849 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036847 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036850 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "92868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92868"
},
{
"name": "40405",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-14T16:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "92868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92868"
},
{
"name": "40405",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5309",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "92868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92868"
},
{
"name": "40405",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-5309",
"datePublished": "2017-04-14T18:00:00",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0295
Vulnerability from cvelistv5
Published
2012-05-23 21:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/53184 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/bid/53183 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1027093 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:29.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53184",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53184"
},
{
"name": "53183",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53183"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53184",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53184"
},
{
"name": "53183",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53183"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0295",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53184",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53184"
},
{
"name": "53183",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53183"
},
{
"name": "1027093",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027093"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0295",
"datePublished": "2012-05-23T21:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:29.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5011
Vulnerability from cvelistv5
Published
2014-01-10 16:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/64130 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90226 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.088Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "64130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135011-priv-esc(90226)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90226"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "64130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135011-priv-esc(90226)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90226"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2013-5011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "64130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64130"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135011-priv-esc(90226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90226"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2013-5011",
"datePublished": "2014-01-10T16:00:00",
"dateReserved": "2013-07-29T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.088Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13681
Vulnerability from cvelistv5
Published
2017-11-06 23:00
Modified
2024-09-16 23:16
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1039775 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/101504 | vdb-entry, x_refsource_BID | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection |
Version: Prior to SEP 12.1 RU6 MP9 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:05:19.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name": "101504",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101504"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to SEP 12.1 RU6 MP9"
}
]
}
],
"datePublic": "2017-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name": "101504",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101504"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-13681",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to SEP 12.1 RU6 MP9"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name": "101504",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101504"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2017-13681",
"datePublished": "2017-11-06T23:00:00Z",
"dateReserved": "2017-08-24T00:00:00",
"dateUpdated": "2024-09-16T23:16:25.106Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3644
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91431 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/40034/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40034/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40034/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40034/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3644",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5825
Vulnerability from cvelistv5
Published
2020-02-11 17:07
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary File Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:31",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5825",
"datePublished": "2020-02-11T17:07:31",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1456
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80406 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80403 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80389 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80391 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74289 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/80409 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80396 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80390 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52608 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80395 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "multiple-av-zip-archive-evasion(74289)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74289"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "52608",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52608"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "multiple-av-zip-archive-evasion(74289)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74289"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "52608",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52608"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a TAR file with an appended ZIP file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "multiple-av-zip-archive-evasion(74289)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74289"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "52608",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52608"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1456",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-5009
Vulnerability from cvelistv5
Published
2014-01-10 16:00
Modified
2024-08-06 16:59
Severity ?
EPSS score ?
Summary
The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/64128 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90224 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "64128",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64128"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135009-priv-esc(90224)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "64128",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64128"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135009-priv-esc(90224)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2013-5009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "64128",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64128"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20140109_00"
},
{
"name": "symantec-endpoint-cve20135009-priv-esc(90224)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2013-5009",
"datePublished": "2014-01-10T16:00:00",
"dateReserved": "2013-07-29T00:00:00",
"dateUpdated": "2024-08-06T16:59:41.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-9228
Vulnerability from cvelistv5
Published
2015-09-20 20:00
Modified
2024-08-06 13:40
Severity ?
EPSS score ?
Summary
sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150617_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1032616 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75202 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:40:24.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75202",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75202"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-22T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75202",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75202"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2014-9228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20150617_00"
},
{
"name": "1032616",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032616"
},
{
"name": "75202",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75202"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2014-9228",
"datePublished": "2015-09-20T20:00:00",
"dateReserved": "2014-12-03T00:00:00",
"dateUpdated": "2024-08-06T13:40:24.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8113
Vulnerability from cvelistv5
Published
2015-11-12 02:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/77585 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:31.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00"
},
{
"name": "77585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/77585"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-11-17T02:57:04",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00"
},
{
"name": "77585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/77585"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2015-8113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20151109_00"
},
{
"name": "77585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/77585"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2015-8113",
"datePublished": "2015-11-12T02:00:00",
"dateReserved": "2015-11-11T00:00:00",
"dateUpdated": "2024-08-06T08:13:31.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-9093
Vulnerability from cvelistv5
Published
2018-04-16 18:00
Modified
2024-09-16 21:58
Severity ?
EPSS score ?
Summary
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1037961 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/96294 | vdb-entry, x_refsource_BID | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Endpoint Protection |
Version: Prior to SEP 12.1 RU6 MP7 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:42:10.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"name": "96294",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96294"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to SEP 12.1 RU6 MP7"
}
]
}
],
"datePublic": "2017-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-17T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1037961",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037961"
},
{
"name": "96294",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96294"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-04-06T00:00:00",
"ID": "CVE-2016-9093",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to SEP 12.1 RU6 MP7"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037961",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037961"
},
{
"name": "96294",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96294"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20170306_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-9093",
"datePublished": "2018-04-16T18:00:00Z",
"dateReserved": "2016-10-28T00:00:00",
"dateUpdated": "2024-09-16T21:58:24.461Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12245
Vulnerability from cvelistv5
Published
2018-11-29 14:00
Modified
2024-08-05 08:30
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105919 | vdb-entry, x_refsource_BID | |
| https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection (SEP) |
Version: Prior to 14.2 MP1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105919",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP)",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 MP1"
}
]
}
],
"datePublic": "2018-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Preloading",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "105919",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-12245",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 MP1"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Preloading"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105919",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105919"
},
{
"name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-12245",
"datePublished": "2018-11-29T14:00:00",
"dateReserved": "2018-06-12T00:00:00",
"dateUpdated": "2024-08-05T08:30:59.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1457
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "52610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52610"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "multiple-av-tar-length-evasion(74293)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74293"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1457",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5837
Vulnerability from cvelistv5
Published
2020-05-11 19:25
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection |
Version: Prior to 14.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:25:45",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5837",
"datePublished": "2020-05-11T19:25:45",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1421
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80409 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-13T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1421",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0108
Vulnerability from cvelistv5
Published
2010-02-19 17:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56355 | vdb-entry, x_refsource_XF | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/509681/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://dsecrg.com/pages/vul/show.php?id=139 | x_refsource_MISC | |
| http://secunia.com/advisories/38651 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/38222 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2010/0412 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=139",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0108",
"datePublished": "2010-02-19T17:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5822
Vulnerability from cvelistv5
Published
2020-02-11 17:04
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:33",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5822",
"datePublished": "2020-02-11T17:04:33",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12244
Vulnerability from cvelistv5
Published
2019-04-25 18:49
Modified
2024-08-05 08:30
Severity ?
EPSS score ?
Summary
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/en_US/article.SYMSA1479.html | x_refsource_MISC | |
| https://www.securityfocus.com/bid/107999 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection (Mac Client) |
Version: Prior to and including 12.1 RU6 MP9 Version: Prior to 14.2 RU1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107999",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/107999"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (Mac Client)",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to and including 12.1 RU6 MP9"
},
{
"status": "affected",
"version": "Prior to 14.2 RU1"
}
]
}
],
"datePublic": "2019-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CSV/DDE Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-25T18:49:02",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107999",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "https://www.securityfocus.com/bid/107999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-12244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (Mac Client)",
"version": {
"version_data": [
{
"version_value": "Prior to and including 12.1 RU6 MP9"
},
{
"version_value": "Prior to 14.2 RU1"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CSV/DDE Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1479.html",
"refsource": "MISC",
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107999",
"refsource": "BID",
"url": "https://www.securityfocus.com/bid/107999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-12244",
"datePublished": "2019-04-25T18:49:02",
"dateReserved": "2018-06-12T00:00:00",
"dateUpdated": "2024-08-05T08:30:59.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-12239
Vulnerability from cvelistv5
Published
2018-11-29 14:00
Modified
2024-08-05 08:30
Severity ?
EPSS score ?
Summary
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/105918 | vdb-entry, x_refsource_BID | |
| https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud) |
Version: Prior to 22.15 [Norton] Version: Prior to 12.1.7454.7000 & 14.2 [Symantec Endpoint Protection (SEP)] Version: Prior to NIS-22.15.1.8 & SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)] Version: Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)] |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105918",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105918"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud)",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 22.15 [Norton]"
},
{
"status": "affected",
"version": "Prior to 12.1.7454.7000 \u0026 14.2 [Symantec Endpoint Protection (SEP)]"
},
{
"status": "affected",
"version": "Prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)]"
},
{
"status": "affected",
"version": "Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)]"
}
]
}
],
"datePublic": "2018-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "AV Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "105918",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105918"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-12239",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton; Symantec Endpoint Protection (SEP); Symantec Endpoint Protection Small Business Edition (SEP SBE); Symantec Endpoint Protection Cloud (SEP Cloud)",
"version": {
"version_data": [
{
"version_value": "Prior to 22.15 [Norton]"
},
{
"version_value": "Prior to 12.1.7454.7000 \u0026 14.2 [Symantec Endpoint Protection (SEP)]"
},
{
"version_value": "Prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000 [Symantec Endpoint Protection Small Business Edition (SEP SBE)]"
},
{
"version_value": "Prior to 22.15.1 [Symantec Endpoint Protection Cloud (SEP Cloud)]"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "AV Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105918"
},
{
"name": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-12239",
"datePublished": "2018-11-29T14:00:00",
"dateReserved": "2018-06-12T00:00:00",
"dateUpdated": "2024-08-05T08:30:59.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2207
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/91434 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40031/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40031/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "91434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40031/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40031/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2207",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1432
Vulnerability from cvelistv5
Published
2009-04-30 20:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/1204 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1022137 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/34856 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1022138 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/34935 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1022136 | vdb-entry, x_refsource_SECTRACK | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2009/1202 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50172 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34668 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34668"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34668"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022136"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34668"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1432",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1459
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1459",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-5236
Vulnerability from cvelistv5
Published
2018-06-20 16:00
Modified
2024-09-17 00:46
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/104198 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1041180 | vdb-entry, x_refsource_SECTRACK | |
| https://support.symantec.com/en_US/article.SYMSA1454.html | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection |
Version: Prior to 14 RU1 MP1 or 12.1 RU6 MP10 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T05:33:43.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104198",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104198"
},
{
"name": "1041180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 14 RU1 MP1 or 12.1 RU6 MP10"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Race condition",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-26T09:57:02",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "104198",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104198"
},
{
"name": "1041180",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041180"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2018-06-20T00:00:00",
"ID": "CVE-2018-5236",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14 RU1 MP1 or 12.1 RU6 MP10"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Race condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104198"
},
{
"name": "1041180",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041180"
},
{
"name": "https://support.symantec.com/en_US/article.SYMSA1454.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1454.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-5236",
"datePublished": "2018-06-20T16:00:00Z",
"dateReserved": "2018-01-05T00:00:00",
"dateUpdated": "2024-09-17T00:46:52.311Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-0294
Vulnerability from cvelistv5
Published
2012-05-23 21:00
Modified
2024-08-06 18:23
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/53182 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1027093 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.586Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/53182"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/53182"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "53182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53182"
},
{
"name": "1027093",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027093"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0294",
"datePublished": "2012-05-23T21:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0106
Vulnerability from cvelistv5
Published
2010-02-19 17:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/0410 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56354 | vdb-entry, x_refsource_XF | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1023621 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/38219 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/38653 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/62414 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"refsource": "OSVDB",
"url": "http://osvdb.org/62414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0106",
"datePublished": "2010-02-19T17:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0114
Vulnerability from cvelistv5
Published
2010-12-22 00:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1024900 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64118 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/45372 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101215_00 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2010/3252 | vdb-entry, x_refsource_VUPEN | |
| http://www.zerodayinitiative.com/advisories/ZDI-10-291/ | x_refsource_MISC | |
| http://secunia.com/advisories/42643 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.916Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024900"
},
{
"name": "symantec-endpoint-fwcharts-code-execution(64118)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64118"
},
{
"name": "45372",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00"
},
{
"name": "ADV-2010-3252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3252"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/"
},
{
"name": "42643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42643"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1024900",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024900"
},
{
"name": "symantec-endpoint-fwcharts-code-execution(64118)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64118"
},
{
"name": "45372",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00"
},
{
"name": "ADV-2010-3252",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3252"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/"
},
{
"name": "42643",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42643"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024900",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024900"
},
{
"name": "symantec-endpoint-fwcharts-code-execution(64118)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64118"
},
{
"name": "45372",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45372"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20101215_00"
},
{
"name": "ADV-2010-3252",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3252"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-291/"
},
{
"name": "42643",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42643"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0114",
"datePublished": "2010-12-22T00:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:53.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0551
Vulnerability from cvelistv5
Published
2011-08-15 19:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1025919 | vdb-entry, x_refsource_SECTRACK | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/43662 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/49101 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/74467 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:25.357Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1025919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "43662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43662"
},
{
"name": "49101",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49101"
},
{
"name": "74467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/74467"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-07T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1025919",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "43662",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43662"
},
{
"name": "49101",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49101"
},
{
"name": "74467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/74467"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0551",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1025919",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025919"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110810_00"
},
{
"name": "43662",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43662"
},
{
"name": "49101",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49101"
},
{
"name": "74467",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/74467"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0551",
"datePublished": "2011-08-15T19:00:00",
"dateReserved": "2011-01-20T00:00:00",
"dateUpdated": "2024-08-06T21:58:25.357Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-5821
Vulnerability from cvelistv5
Published
2020-02-11 17:02
Modified
2024-08-04 08:39
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1505.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:02:06",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5821",
"datePublished": "2020-02-11T17:02:07",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1431
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/1204 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1022132 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022130 | vdb-entry, x_refsource_SECTRACK | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34856 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1022131 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34675 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1431",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6331
Vulnerability from cvelistv5
Published
2017-11-06 23:00
Modified
2024-09-16 19:15
Severity ?
EPSS score ?
Summary
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/43134/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/101502 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039775 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Symantec Corporation | Symantec Endpoint Protection |
Version: Prior to SEP 14 RU1 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:25:49.127Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43134",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"name": "101502",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101502"
},
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to SEP 14 RU1"
}
]
}
],
"datePublic": "2017-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Tamper-protection bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T10:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "43134",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"name": "101502",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101502"
},
{
"name": "1039775",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039775"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"DATE_PUBLIC": "2017-11-06T00:00:00",
"ID": "CVE-2017-6331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to SEP 14 RU1"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Tamper-protection bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43134",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/43134/"
},
{
"name": "101502",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101502"
},
{
"name": "1039775",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039775"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20171106_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2017-6331",
"datePublished": "2017-11-06T23:00:00Z",
"dateReserved": "2017-02-26T00:00:00",
"dateUpdated": "2024-09-16T19:15:59.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5310
Vulnerability from cvelistv5
Published
2017-04-14 18:00
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1036848 | vdb-entry, x_refsource_SECTRACK | |
| https://www.exploit-db.com/exploits/40405/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/92866 | vdb-entry, x_refsource_BID | |
| https://bugs.chromium.org/p/project-zero/issues/detail?id=867 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1036849 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036847 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036850 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:59.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "40405",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"name": "92866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/92866"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-14T16:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "40405",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"name": "92866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/92866"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160919_00"
},
{
"name": "1036848",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036848"
},
{
"name": "40405",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40405/"
},
{
"name": "92866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/92866"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=867"
},
{
"name": "1036849",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036849"
},
{
"name": "1036847",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036847"
},
{
"name": "1036850",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-5310",
"datePublished": "2017-04-14T18:00:00",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:59.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1428
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to "two parsing errors."
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50170 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2009/1203 | vdb-entry, x_refsource_VUPEN | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/34669 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1022135 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022134 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022133 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/34936 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/54132 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-symantec-log-xss(50170)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-symantec-log-xss(50170)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-symantec-log-xss(50170)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"refsource": "OSVDB",
"url": "http://osvdb.org/54132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1428",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2018-18369
Vulnerability from cvelistv5
Published
2019-04-25 16:55
Modified
2024-08-05 11:08
Severity ?
EPSS score ?
Summary
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/en_US/article.SYMSA1479.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107997 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Symantec Corporation | Norton Security |
Version: Prior to 22.16.3 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107997",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Security",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to 22.16.3"
}
]
},
{
"product": "Symantec Endpoint Protection Small Business Edition",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to Cloud Agent 3.00.31.2817"
},
{
"status": "affected",
"version": "NIS-22.15.2.22"
},
{
"status": "affected",
"version": "SEP-12.1.7484.7002"
}
]
}
],
"datePublic": "2019-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 \u0026 SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Preloading",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-25T16:55:04",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107997",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-18369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Security",
"version": {
"version_data": [
{
"version_value": "Prior to 22.16.3"
}
]
}
},
{
"product_name": "Symantec Endpoint Protection Small Business Edition",
"version": {
"version_data": [
{
"version_value": "Prior to Cloud Agent 3.00.31.2817"
},
{
"version_value": "NIS-22.15.2.22"
},
{
"version_value": "SEP-12.1.7484.7002"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 \u0026 SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Preloading"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1479.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107997",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-18369",
"datePublished": "2019-04-25T16:55:04",
"dateReserved": "2018-10-15T00:00:00",
"dateUpdated": "2024-08-05T11:08:21.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1446
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80430 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80427 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52600 | vdb-entry, x_refsource_BID | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80428 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80426 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80431 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.442Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80430",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80430"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52600"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
},
{
"name": "80431",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80430",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80430"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52600"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
},
{
"name": "80431",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1446",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80430",
"refsource": "OSVDB",
"url": "http://osvdb.org/80430"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"refsource": "OSVDB",
"url": "http://osvdb.org/80427"
},
{
"name": "52600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52600"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"refsource": "OSVDB",
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
},
{
"name": "80431",
"refsource": "OSVDB",
"url": "http://osvdb.org/80431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1446",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4953
Vulnerability from cvelistv5
Published
2012-11-14 11:00
Modified
2024-08-06 20:50
Severity ?
EPSS score ?
Summary
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00 | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/985625 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securitytracker.com/id?1027726 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/56399 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56399"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-02T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56399"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-4953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56399"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-4953",
"datePublished": "2012-11-14T11:00:00",
"dateReserved": "2012-09-17T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3645
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40035/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/91439 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3645",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-18372
Vulnerability from cvelistv5
Published
2019-11-15 17:41
Modified
2024-08-05 01:54
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1488.html | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection |
Version: prior to 14.2 RU2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:54:14.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 14.2 RU2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-15T17:41:41",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-18372",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "prior to 14.2 RU2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1488.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-18372",
"datePublished": "2019-11-15T17:41:41",
"dateReserved": "2019-10-23T00:00:00",
"dateUpdated": "2024-08-05T01:54:14.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-5311
Vulnerability from cvelistv5
Published
2020-01-09 19:30
Modified
2024-08-06 01:00
Severity ?
EPSS score ?
Summary
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/94295 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1037323 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1037324 | x_refsource_MISC | |
| http://www.securitytracker.com/id/1037325 | x_refsource_MISC | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Symantec | Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360 |
Version: before 22.7 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:58.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.7"
}
]
},
{
"product": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.8.0.50"
}
]
}
],
"datePublic": "2016-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "untrusted search path",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-09T19:30:52",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"version": {
"version_data": [
{
"version_value": "before 22.7"
}
]
}
},
{
"product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"version": {
"version_data": [
{
"version_value": "before 22.8.0.50"
}
]
}
}
]
},
"vendor_name": "Symantec"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "untrusted search path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/94295",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94295"
},
{
"name": "http://www.securitytracker.com/id/1037323",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037323"
},
{
"name": "http://www.securitytracker.com/id/1037324",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037324"
},
{
"name": "http://www.securitytracker.com/id/1037325",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037325"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-5311",
"datePublished": "2020-01-09T19:30:52",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:58.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4348
Vulnerability from cvelistv5
Published
2012-12-18 20:00
Modified
2024-08-06 20:35
Severity ?
EPSS score ?
Summary
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/56846 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1027863 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.115Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "56846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56846"
},
{
"name": "1027863",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027863"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "56846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56846"
},
{
"name": "1027863",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027863"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4348",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "56846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56846"
},
{
"name": "1027863",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027863"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4348",
"datePublished": "2012-12-18T20:00:00",
"dateReserved": "2012-08-16T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.115Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12758
Vulnerability from cvelistv5
Published
2019-11-15 17:37
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection |
Version: prior to 14.2 RU2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:54.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "prior to 14.2 RU2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unsigned Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-18T19:49:22",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "prior to 14.2 RU2"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to an unsigned code execution vulnerability, which may allow an individual to execute code without a resident proper digital signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unsigned Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1488.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1488.html"
},
{
"name": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758",
"refsource": "MISC",
"url": "https://safebreach.com/Post/Symantec-Endpoint-Protection-Self-Defense-Bypass-and-Potential-Usages-CVE-2019-12758"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12758",
"datePublished": "2019-11-15T17:37:43",
"dateReserved": "2019-06-06T00:00:00",
"dateUpdated": "2024-08-04T23:32:54.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2211
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91438 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91438"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91438"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91438"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2211",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12750
Vulnerability from cvelistv5
Published
2019-07-31 17:42
Modified
2024-08-04 23:32
Severity ?
EPSS score ?
Summary
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1487.html | x_refsource_MISC | |
| http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html | x_refsource_MISC | |
| http://seclists.org/fulldisclosure/2019/Dec/11 | mailing-list, x_refsource_FULLDISC | |
| http://seclists.org/fulldisclosure/2019/Dec/21 | mailing-list, x_refsource_FULLDISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Symantec Endpoint Protection, Symantec Endpoint Protection Small Business Edition |
Version: Prior to 14.2 RU1 & 12.1 RU6 MP10, Prior to 12.1 RU6 MP10c (12.1.7491.7002) |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:32:54.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1487.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html"
},
{
"name": "20191206 Symantec Endoint Security LPE CVE-2019-12750",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/11"
},
{
"name": "20191213 CVE-2019-12750 - Exploitation Write-ups",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/21"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection, Symantec Endpoint Protection Small Business Edition",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU1 \u0026 12.1 RU6 MP10, Prior to 12.1 RU6 MP10c (12.1.7491.7002)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.2 RU1 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T19:06:07",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1487.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html"
},
{
"name": "20191206 Symantec Endoint Security LPE CVE-2019-12750",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/11"
},
{
"name": "20191213 CVE-2019-12750 - Exploitation Write-ups",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Dec/21"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2019-12750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection, Symantec Endpoint Protection Small Business Edition",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU1 \u0026 12.1 RU6 MP10, Prior to 12.1 RU6 MP10c (12.1.7491.7002)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.2 RU1 \u0026 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1487.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1487.html"
},
{
"name": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html"
},
{
"name": "20191206 Symantec Endoint Security LPE CVE-2019-12750",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/11"
},
{
"name": "20191213 CVE-2019-12750 - Exploitation Write-ups",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Dec/21"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2019-12750",
"datePublished": "2019-07-31T17:42:08",
"dateReserved": "2019-06-06T00:00:00",
"dateUpdated": "2024-08-04T23:32:54.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2210
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40032/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/91437 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91437"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91437"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91437"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2210",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}