Search criteria
45 vulnerabilities found for enterprise_firewall by symantec
CVE-2002-2294 (GCVE-0-2002-2294)
Vulnerability from cvelistv5 – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
VLAI?
Summary
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2294",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4422 (GCVE-0-2007-4422)
Vulnerability from cvelistv5 – Published: 2007-08-18 21:00 – Updated: 2024-08-07 14:53
VLAI?
Summary
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25338"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4422",
"datePublished": "2007-08-18T21:00:00",
"dateReserved": "2007-08-18T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2341 (GCVE-0-2006-2341)
Vulnerability from cvelistv5 – Published: 2006-05-12 01:00 – Updated: 2024-08-07 17:43
VLAI?
Summary
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2341",
"datePublished": "2006-05-12T01:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3768 (GCVE-0-2005-3768)
Vulnerability from cvelistv5 – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
VLAI?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015247",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015249"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3768",
"datePublished": "2005-11-23T00:00:00",
"dateReserved": "2005-11-22T00:00:00",
"dateUpdated": "2024-08-07T23:24:36.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0369 (GCVE-0-2004-0369)
Vulnerability from cvelistv5 – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT",
"x_transferred"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESB-2004.0538",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0369",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2004-03-24T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0817 (GCVE-0-2005-0817)
Vulnerability from cvelistv5 – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sef-dns-spoofing(16423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"name": "http://www.isc.sans.org/diary.php?date=2005-03-04",
"refsource": "MISC",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0817",
"datePublished": "2005-03-20T05:00:00",
"dateReserved": "2005-03-20T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1754 (GCVE-0-2004-1754)
Vulnerability from cvelistv5 – Published: 2005-03-09 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11888"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:39:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11888"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11888"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1754",
"datePublished": "2005-03-09T05:00:00",
"dateReserved": "2005-03-09T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1029 (GCVE-0-2004-1029)
Vulnerability from cvelistv5 – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"name": "http://jouko.iki.fi/adv/javaplugin.html",
"refsource": "MISC",
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html",
"refsource": "CONFIRM",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1029",
"datePublished": "2004-11-24T05:00:00",
"dateReserved": "2004-11-12T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1463 (GCVE-0-2002-1463)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
VLAI?
Summary
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/855"
},
{
"name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1463",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0990 (GCVE-0-2002-0990)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "simple-webserver-url-dos(10364)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0990",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0302 (GCVE-0-2002-0302)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4139",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4139",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0302",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:28.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2294 (GCVE-0-2002-2294)
Vulnerability from nvd – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
VLAI?
Summary
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6389"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2294",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2002.12.12.html"
},
{
"name": "sef-realaudio-proxy-bo(10862)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10862"
},
{
"name": "6389",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6389"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2294",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4422 (GCVE-0-2007-4422)
Vulnerability from nvd – Published: 2007-08-18 21:00 – Updated: 2024-08-07 14:53
VLAI?
Summary
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:53:55.981Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25338"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25338"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26511"
},
{
"name": "1018578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018578"
},
{
"name": "25338",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25338"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"name": "36489",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36489"
},
{
"name": "sef-username-enumeration(36081)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"name": "ADV-2007-2909",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2909"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4422",
"datePublished": "2007-08-18T21:00:00",
"dateReserved": "2007-08-18T00:00:00",
"dateUpdated": "2024-08-07T14:53:55.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2341 (GCVE-0-2006-2341)
Vulnerability from nvd – Published: 2006-05-12 01:00 – Updated: 2024-08-07 17:43
VLAI?
Summary
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.239Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2341",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"name": "symantec-firewall-proxy-ip-disclosure(26370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"name": "17936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17936"
},
{
"name": "ADV-2006-1764",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"name": "1016057",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016057"
},
{
"name": "1016058",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016058"
},
{
"name": "20082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20082"
},
{
"name": "20060512 SEC Consult SA-20060512-0 :: Symantec Enterprise Firewall NAT/HTTP Proxy Private IP Exposure",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2341",
"datePublished": "2006-05-12T01:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3768 (GCVE-0-2005-3768)
Vulnerability from nvd – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24
VLAI?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:24:36.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015248"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015247",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015248"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3768",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015247",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015247"
},
{
"name": "17684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17684"
},
{
"name": "ADV-2005-2517",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"name": "1015249",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015249"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"name": "1015248",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015248"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3768",
"datePublished": "2005-11-23T00:00:00",
"dateReserved": "2005-11-22T00:00:00",
"dateUpdated": "2024-08-07T23:24:36.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0369 (GCVE-0-2004-0369)
Vulnerability from nvd – Published: 2005-04-14 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT",
"x_transferred"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ESB-2004.0538",
"tags": [
"third-party-advisory",
"x_refsource_AUSCERT"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11039"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ESB-2004.0538",
"refsource": "AUSCERT",
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"name": "isakmp-spi-size-bo(15669)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"name": "20040826 Entrust LibKmp Library Buffer Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"name": "O-206",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"name": "11039",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11039"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0369",
"datePublished": "2005-04-14T04:00:00",
"dateReserved": "2004-03-24T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0817 (GCVE-0-2005-0817)
Vulnerability from nvd – Published: 2005-03-20 05:00 – Updated: 2024-08-07 21:28
VLAI?
Summary
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:28:28.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "sef-dns-spoofing(16423)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "sef-dns-spoofing(16423)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"name": "http://www.isc.sans.org/diary.php?date=2005-03-04",
"refsource": "MISC",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"name": "symantec-dnsdproxy-redirect(44530)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"name": "1013451",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013451"
},
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"name": "14595",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0817",
"datePublished": "2005-03-20T05:00:00",
"dateReserved": "2005-03-20T00:00:00",
"dateUpdated": "2024-08-07T21:28:28.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1754 (GCVE-0-2004-1754)
Vulnerability from nvd – Published: 2005-03-09 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11888"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:39:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11888"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1754",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040615 Symantec Enterprise Firewall DNSD cache poisoning Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"name": "10557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10557"
},
{
"name": "11888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11888"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1754",
"datePublished": "2005-03-09T05:00:00",
"dateReserved": "2005-03-09T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1029 (GCVE-0-2004-1029)
Vulnerability from nvd – Published: 2004-11-24 05:00 – Updated: 2024-08-08 00:39
VLAI?
Summary
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.544Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1029",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20041122 Sun Java Plugin Arbitrary Package Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"name": "http://jouko.iki.fi/adv/javaplugin.html",
"refsource": "MISC",
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"name": "oval:org.mitre.oval:def:5674",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"name": "APPLE-SA-2005-02-22",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"name": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html",
"refsource": "CONFIRM",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"name": "13271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13271"
},
{
"name": "29035",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29035"
},
{
"name": "61",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/61"
},
{
"name": "12317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12317"
},
{
"name": "ADV-2008-0599",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"name": "sdk-jre-applet-restriction-bypass(18188)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"name": "101523",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"name": "VU#760344",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"name": "57591",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1029",
"datePublished": "2004-11-24T05:00:00",
"dateReserved": "2004-11-12T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1463 (GCVE-0-2002-1463)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
VLAI?
Summary
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2004-08-18T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020802 Security Advisory: Raptor Firewall Weak ISN Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"name": "5387",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"name": "symantec-tcp-seq-predict(12836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"name": "855",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/855"
},
{
"name": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1463",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-05T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0990 (GCVE-0-2002-0990)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:12
VLAI?
Summary
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.897Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "simple-webserver-url-dos(10364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "simple-webserver-url-dos(10364)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10364.php"
},
{
"name": "20021014 Multiple Symantec Firewall Secure Webserver timeout DoS",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103463869503124\u0026w=2"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11.html"
},
{
"name": "5958",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0990",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-08-27T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.897Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0302 (GCVE-0-2002-0302)
Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:42
VLAI?
Summary
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:42:28.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4139",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-20T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4139",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0302",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4139",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4139"
},
{
"name": "sef-snmp-notify-loss(8253)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8253"
},
{
"name": "20020220 Symantec Enterprise Firewall (SEF) Notify Daemon data loss via SN MP",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=101424225814604\u0026w=2"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.02.20a.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0302",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T02:42:28.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2007-4422
Vulnerability from fkie_nvd - Published: 2007-08-18 21:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/26511 | ||
| cve@mitre.org | http://www.osvdb.org/36489 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/25338 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1018578 | ||
| cve@mitre.org | http://www.symantec.com/avcenter/security/Content/2007.08.16.html | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/2909 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/36081 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/26511 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/36489 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/25338 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1018578 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/avcenter/security/Content/2007.08.16.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/2909 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/36081 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6:*:*:*:*:*:*:*",
"matchCriteriaId": "36FCB8BD-078C-43A1-8F85-4F5974D617DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames."
},
{
"lang": "es",
"value": "La interfaz de inicio de sesi\u00f3n en Symantec Enterprise Firewall 6.x, cuando est\u00e1 habilitada la VPN con autenticaci\u00f3n por clave compartida previamente (pre-shared key o PSK), genera diferentes respuestas dependiendo de si un nombre de usuario es v\u00e1lido o no, lo cual permite a atacantes remotos enumerar nombres de usuario v\u00e1lidos."
}
],
"id": "CVE-2007-4422",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-08-18T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26511"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/36489"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25338"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018578"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2909"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/36489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-2341
Vulnerability from fkie_nvd - Published: 2006-05-12 01:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/20082 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1016057 | Patch | |
| cve@mitre.org | http://securitytracker.com/id?1016058 | Patch | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/433876/30/5040/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/17936 | Exploit | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/1764 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/26370 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/20082 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016057 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016058 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/433876/30/5040/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/17936 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/1764 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/26370 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 8.0 | |
| symantec | gateway_security | 2.0.1 | |
| symantec | gateway_security | 3.0 | |
| symantec | gateway_security | 5000_series_2.0.1 | |
| symantec | gateway_security | 5000_series_3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "031C9545-1CF1-46EF-B79C-7AD69E1B1C82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:gateway_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA50974-633C-40EF-B11D-4897E4CD44D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "00163129-F72A-4C56-A4E4-D254ED71FB63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5000_series_3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97BE5E88-1DA6-48A7-9811-97EE6582A627",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI."
}
],
"id": "CVE-2006-2341",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-05-12T01:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20082"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20082"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.05.10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433876/30/5040/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/17936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26370"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-3768
Vulnerability from fkie_nvd - Published: 2005-11-23 00:03 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/17684 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1015247 | Patch | |
| cve@mitre.org | http://securitytracker.com/id?1015248 | Patch | |
| cve@mitre.org | http://securitytracker.com/id?1015249 | Patch | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2005/2517 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17684 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015247 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015248 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015249 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2517 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | firewall_vpn_appliance_100 | * | |
| symantec | firewall_vpn_appliance_200 | * | |
| symantec | gateway_security_300 | 2.0 | |
| symantec | gateway_security_400 | 2.0 | |
| symantec | gateway_security_5000_series | 3.0 | |
| symantec | gateway_security_5100 | * | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5310 | 1.0 | |
| symantec | gateway_security_5400 | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "055150B1-5B11-48D1-932C-26C85DF44E07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5851263-81A6-40AE-8486-E919D5279CC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0D3199-365E-4D26-8D23-6492832EF096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F982965-056D-4253-9CEA-31424AF4B55F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2362A590-7443-4E50-8F8F-D89165B4F2C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F82B2D6F-EF56-4B62-9784-CF826AC480CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77DA55C0-AD93-429D-AC52-E1E0F35C25D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
],
"id": "CVE-2005-3768",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-23T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17684"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015248"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2517"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015248"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2517"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2005-0817
Vulnerability from fkie_nvd - Published: 2005-05-02 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html | ||
| cve@mitre.org | http://secunia.com/advisories/14595 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1013451 | ||
| cve@mitre.org | http://www.isc.sans.org/diary.php?date=2005-03-04 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/16423 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/44530 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14595 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1013451 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.isc.sans.org/diary.php?date=2005-03-04 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/16423 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/44530 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | velociraptor | model_1300 | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5400 | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "55B40C3E-2794-4310-97BC-D80069992C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites."
}
],
"id": "CVE-2005-0817",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/14595"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1013451"
},
{
"source": "cve@mitre.org",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/14595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1013451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.isc.sans.org/diary.php?date=2005-03-04"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16423"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44530"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1029
Vulnerability from fkie_nvd - Published: 2005-03-01 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://jouko.iki.fi/adv/javaplugin.html | ||
| cve@mitre.org | http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html | ||
| cve@mitre.org | http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html | ||
| cve@mitre.org | http://secunia.com/advisories/13271 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/29035 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/61 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 | Patch, Vendor Advisory | |
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 | Patch, Vendor Advisory | |
| cve@mitre.org | http://www-1.ibm.com/support/docview.wss?uid=swg21257249 | ||
| cve@mitre.org | http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/760344 | US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/12317 | Patch | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2008/0599 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/18188 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://jouko.iki.fi/adv/javaplugin.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/13271 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/29035 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/61 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-1.ibm.com/support/docview.wss?uid=swg21257249 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/760344 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/12317 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2008/0599 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/18188 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| hp | java_sdk-rte | 1.3 | |
| hp | java_sdk-rte | 1.4 | |
| sun | jdk | 1.3.1_01 | |
| sun | jdk | 1.3.1_01 | |
| sun | jdk | 1.3.1_01a | |
| sun | jdk | 1.3.1_02 | |
| sun | jdk | 1.3.1_02 | |
| sun | jdk | 1.3.1_02 | |
| sun | jdk | 1.3.1_03 | |
| sun | jdk | 1.3.1_03 | |
| sun | jdk | 1.3.1_03 | |
| sun | jdk | 1.3.1_04 | |
| sun | jdk | 1.3.1_05 | |
| sun | jdk | 1.3.1_05 | |
| sun | jdk | 1.3.1_05 | |
| sun | jdk | 1.3.1_06 | |
| sun | jdk | 1.3.1_06 | |
| sun | jdk | 1.3.1_06 | |
| sun | jdk | 1.3.1_07 | |
| sun | jdk | 1.3.1_07 | |
| sun | jdk | 1.3.1_07 | |
| sun | jdk | 1.4 | |
| sun | jdk | 1.4 | |
| sun | jdk | 1.4 | |
| sun | jdk | 1.4.0_01 | |
| sun | jdk | 1.4.0_02 | |
| sun | jdk | 1.4.0_02 | |
| sun | jdk | 1.4.0_02 | |
| sun | jdk | 1.4.0_03 | |
| sun | jdk | 1.4.0_03 | |
| sun | jdk | 1.4.0_03 | |
| sun | jdk | 1.4.0_4 | |
| sun | jdk | 1.4.0_4 | |
| sun | jdk | 1.4.0_4 | |
| sun | jdk | 1.4.1 | |
| sun | jdk | 1.4.1 | |
| sun | jdk | 1.4.1 | |
| sun | jdk | 1.4.1_01 | |
| sun | jdk | 1.4.1_01 | |
| sun | jdk | 1.4.1_01 | |
| sun | jdk | 1.4.1_02 | |
| sun | jdk | 1.4.1_02 | |
| sun | jdk | 1.4.1_02 | |
| sun | jdk | 1.4.1_03 | |
| sun | jdk | 1.4.1_03 | |
| sun | jdk | 1.4.1_03 | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2 | |
| sun | jdk | 1.4.2_01 | |
| sun | jdk | 1.4.2_02 | |
| sun | jdk | 1.4.2_03 | |
| sun | jdk | 1.4.2_03 | |
| sun | jdk | 1.4.2_03 | |
| sun | jdk | 1.4.2_04 | |
| sun | jdk | 1.4.2_04 | |
| sun | jdk | 1.4.2_04 | |
| sun | jdk | 1.4.2_05 | |
| sun | jdk | 1.4.2_05 | |
| sun | jdk | 1.4.2_05 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.0 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1 | |
| sun | jre | 1.3.1_02 | |
| sun | jre | 1.3.1_02 | |
| sun | jre | 1.3.1_02 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_03 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_05 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_06 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_07 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.3.1_09 | |
| sun | jre | 1.4 | |
| sun | jre | 1.4 | |
| sun | jre | 1.4 | |
| sun | jre | 1.4.0_01 | |
| sun | jre | 1.4.0_01 | |
| sun | jre | 1.4.0_02 | |
| sun | jre | 1.4.0_02 | |
| sun | jre | 1.4.0_02 | |
| sun | jre | 1.4.0_03 | |
| sun | jre | 1.4.0_03 | |
| sun | jre | 1.4.0_03 | |
| sun | jre | 1.4.0_04 | |
| sun | jre | 1.4.0_04 | |
| sun | jre | 1.4.0_04 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1 | |
| sun | jre | 1.4.1_01 | |
| sun | jre | 1.4.1_01 | |
| sun | jre | 1.4.1_01 | |
| sun | jre | 1.4.1_02 | |
| sun | jre | 1.4.1_02 | |
| sun | jre | 1.4.1_02 | |
| sun | jre | 1.4.1_07 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| sun | jre | 1.4.2 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| conectiva | linux | 10.0 | |
| gentoo | linux | * | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.22 | |
| hp | hp-ux | 11.23 | |
| symantec | gateway_security_5400 | 2.0 | |
| symantec | gateway_security_5400 | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:java_sdk-rte:1.3:*:hp-ux_pa-risc:*:*:*:*:*",
"matchCriteriaId": "071B3C37-AD2C-4FA5-84C1-790264D51F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:hp:java_sdk-rte:1.4:*:hp-ux_pa-risc:*:*:*:*:*",
"matchCriteriaId": "EEFEFB2F-D9CD-4609-B92A-A24F6143DF6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "7914F3C3-70D2-4528-8781-74F8EE2A672F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C25FD66C-2B23-4A08-95A9-C026B6C7B334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_01a:*:windows:*:*:*:*:*",
"matchCriteriaId": "4EE03D61-ED9C-4E5A-8B8A-B9DE6D953A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "D60D0903-A74A-4366-9EEE-FE44324A5525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "BA9D3750-C44E-4416-8EF8-EBB3815871DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "FE5001BA-BF6B-431E-B5E6-A0484B31DCA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "91C7D131-506C-4AEC-A736-0E4D4C6DFED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "38B09D0A-D9E1-440C-9111-5E04D983F687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "7C3BD547-71C6-4A69-9F98-AD082595B6C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_04:*:windows:*:*:*:*:*",
"matchCriteriaId": "66EE3DB6-55B2-44D6-AE20-D6F68294E2DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_05:*:linux:*:*:*:*:*",
"matchCriteriaId": "4229767D-F6B2-47A2-A1EA-CA86A10ECF17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_05:*:solaris:*:*:*:*:*",
"matchCriteriaId": "AA641432-0B20-4F91-A9C1-804BBE1E05D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_05:*:windows:*:*:*:*:*",
"matchCriteriaId": "2A23F13E-57BD-4D8D-A767-5D8BA4F24A88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_06:*:linux:*:*:*:*:*",
"matchCriteriaId": "88E78DC4-9952-431F-BA3D-32D942D12DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_06:*:solaris:*:*:*:*:*",
"matchCriteriaId": "3E46AAC2-F345-49E1-B20F-409B53DCAF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_06:*:windows:*:*:*:*:*",
"matchCriteriaId": "3C3D0367-54C0-4036-A5C6-CEF3ECE01F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_07:*:linux:*:*:*:*:*",
"matchCriteriaId": "4F5D90B0-4068-4050-935A-1CBC822521D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_07:*:solaris:*:*:*:*:*",
"matchCriteriaId": "148EE76E-0382-42CD-89DD-C041BAB35B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.3.1_07:*:windows:*:*:*:*:*",
"matchCriteriaId": "9B47BF85-160E-4E5E-9821-9D6BFC1939C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4:*:linux:*:*:*:*:*",
"matchCriteriaId": "32CA2101-45D2-41D8-A11A-506683EDC0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "2E449C78-3BFD-4F52-9EE2-3BC5FC27FBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "3C4BAD5A-329C-4C6F-B517-E7C95EEAEB99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "64762803-D970-467D-A3B7-1879BC68E805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "AD97824E-C229-4530-A4E6-C4281E2580C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B90BBCB8-7DF5-4801-8B43-197C2FB88823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "666FE53E-C775-4D7D-98E0-C8638B2F2FAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "99A889BD-01D8-491E-882A-C65EEF6A952B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7713E276-D273-4AAB-B6BF-16279354A054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "FCE8ADC0-49E9-4F56-9435-F823A1512F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_4:*:linux:*:*:*:*:*",
"matchCriteriaId": "8FAC216A-01DF-43CF-9430-4E979C950C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F9D9F115-8E12-4658-95A6-FF70833DCAF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.0_4:*:windows:*:*:*:*:*",
"matchCriteriaId": "088448A2-83E7-4023-9575-520612B99634",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "C92F64D1-9916-44AC-8025-F116B70CD76A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "DF21C410-30BF-423D-979F-7B5682573E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "BA9FCF82-886A-4C70-8107-FB5BE705DD45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "50542C59-E3F7-476F-8938-0316BB3CE46F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "28C890E0-7230-4831-BDD4-B054662FD0C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "89CF51EF-D1CC-44A7-80D7-954FE9866799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "7BD5DADC-20C9-46CE-B190-589DA9813A4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "E1C99007-713C-4AC4-A819-4C677B876D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "ADD9EE28-7D16-4CD6-9F33-ECC7073F7FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "342972F6-E888-43E6-B3B5-3B70AC6DB58F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "20F9F987-00B1-49D4-970A-98E0CAE05516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.1_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "726D5907-547A-492E-9C66-BBA08B12506C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "37F8AA83-3B27-4EB5-BC5E-E541248F61F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A315C2C4-A6ED-4E09-8B36-9903C35438CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "CFEA5E04-78E2-47E6-90B8-536845343084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "BF931660-BB60-4460-91E4-C4E63E46996D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "3AF426F2-93EF-4F2C-AD0C-8AB40AD72364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "0998DD04-3BC7-4B64-89F5-C6FFECC2F9EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "B6A5803A-4AFF-4120-BF43-55DCE1B11172",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "6819CEAB-536F-4E4D-8E69-934BD959759C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_04:*:linux:*:*:*:*:*",
"matchCriteriaId": "70DEC641-5BC0-45CF-BE6B-3B05E34A2DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_04:*:solaris:*:*:*:*:*",
"matchCriteriaId": "55AD8FB0-7C9B-4631-B55F-5F0B8AC28431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_04:*:windows:*:*:*:*:*",
"matchCriteriaId": "B048B00C-C447-4CD9-80E1-FAEEE0390F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_05:*:linux:*:*:*:*:*",
"matchCriteriaId": "3F17436E-94D7-40C2-AA1C-947973E8B824",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_05:*:solaris:*:*:*:*:*",
"matchCriteriaId": "3B8B6F66-9D6E-4F64-B4E9-32B46E0B3190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jdk:1.4.2_05:*:windows:*:*:*:*:*",
"matchCriteriaId": "6C77B29A-160F-44D6-B8E0-AFF4D9F4295F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "C80967B2-546E-4C20-8B0D-2B9BA0D5FE0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "36C3E5A4-7B4E-4DA3-A3B2-33ED7FDB7B0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "58EC15B8-4653-490D-8F3A-5AA5CDBA1DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update1:linux:*:*:*:*:*",
"matchCriteriaId": "51BB57BF-7996-45FE-A406-309ADEC4A052",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update2:linux:*:*:*:*:*",
"matchCriteriaId": "6B3248A9-A42D-47D7-9EF6-A68BB3F55096",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update2:solaris:*:*:*:*:*",
"matchCriteriaId": "5F54BFB9-ACE4-4C70-9D5E-C964A37B49D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update2:windows:*:*:*:*:*",
"matchCriteriaId": "F2255FF1-CD7F-416E-82CE-727A0D9B9B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update3:linux:*:*:*:*:*",
"matchCriteriaId": "701A80AC-E5BF-42FB-916B-5871E051AD51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update4:linux:*:*:*:*:*",
"matchCriteriaId": "6FB2E24F-7599-4438-BBF5-803A8F6F1CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update4:windows:*:*:*:*:*",
"matchCriteriaId": "6136361A-10B4-4DF0-A5E1-1A0E68008BFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update5:linux:*:*:*:*:*",
"matchCriteriaId": "6ED3AE5C-F50B-4ABE-AD92-D6F91E6F1D6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update5:solaris:*:*:*:*:*",
"matchCriteriaId": "DD448EDD-02A6-4902-8003-2C24490CDDEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.0:update5:windows:*:*:*:*:*",
"matchCriteriaId": "6668C814-CF6F-4684-B84E-F0E24C318677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "AB5A6F28-5B2E-4020-AC22-5FF1AB5DC0F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update1:linux:*:*:*:*:*",
"matchCriteriaId": "2458734D-2871-4104-B791-F12218A65CA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update1:solaris:*:*:*:*:*",
"matchCriteriaId": "CEB5308E-DFBE-4038-A618-F5448E7B590D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update1:windows:*:*:*:*:*",
"matchCriteriaId": "BF2F0F47-CB18-41EC-9500-9BCCBBF0055F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update1a:windows:*:*:*:*:*",
"matchCriteriaId": "CD25BB5F-16E0-48D8-BD6B-9AAA95EF84F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update4:solaris:*:*:*:*:*",
"matchCriteriaId": "C16614FE-919F-4141-A6F0-8E8F5D79FFDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update4:windows:*:*:*:*:*",
"matchCriteriaId": "6E75D769-12E0-47BD-AE43-4149F98371C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update8:linux:*:*:*:*:*",
"matchCriteriaId": "F1FD82E4-80AF-46B4-8C8C-96112623BD43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update8:solaris:*:*:*:*:*",
"matchCriteriaId": "B822A5B3-E32E-4113-90D8-039399B91842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1:update8:windows:*:*:*:*:*",
"matchCriteriaId": "921F085D-EBDB-42D3-A6D8-C64C26CA1432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "68CF8E07-EA3A-4116-B8DE-AF172DA12C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "96332693-1CA0-437D-9D38-3253477FF09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "1253CBD8-6CBB-457F-BC39-93509A9D3207",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "C1C8FAED-AD0F-4B28-A5EF-DBD6514D60CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "16C38B5F-673D-47F2-87C6-59B2CBF917BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "78916851-B219-4E06-A35F-EAF3680A8F75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:linux:*:*:*:*:*",
"matchCriteriaId": "76CB2CF8-242B-4C09-9B1A-12C39E35AB18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:solaris:*:*:*:*:*",
"matchCriteriaId": "7B1A497B-BF46-4B5B-B4C4-1382319F2ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_05:*:windows:*:*:*:*:*",
"matchCriteriaId": "2E95B9F6-ADF2-47A5-A0AC-2A129A7A40CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:linux:*:*:*:*:*",
"matchCriteriaId": "193FE315-35A5-403A-BE00-3C33A6A36FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:solaris:*:*:*:*:*",
"matchCriteriaId": "51D7939D-6ABB-4300-9756-E744625BA8DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_06:*:windows:*:*:*:*:*",
"matchCriteriaId": "24AA6F4C-2B79-4575-AD80-90366A6506AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:linux:*:*:*:*:*",
"matchCriteriaId": "58A5F1ED-0851-4EAE-8F28-A0362B338625",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:solaris:*:*:*:*:*",
"matchCriteriaId": "58FEC521-16ED-4FE0-9191-1E0046F8CB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_07:*:windows:*:*:*:*:*",
"matchCriteriaId": "73D0A70E-EA0B-42E5-BAC0-A400887B2F24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:linux:*:*:*:*:*",
"matchCriteriaId": "B6F96CC5-5801-44AF-961F-29930643A98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:solaris:*:*:*:*:*",
"matchCriteriaId": "466EB563-C756-4F04-9B25-5852DFA747A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.3.1_09:*:windows:*:*:*:*:*",
"matchCriteriaId": "CF9D2AE0-DE2B-4FD1-ABA1-783515B2C4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4:*:linux:*:*:*:*:*",
"matchCriteriaId": "16EB847E-C18B-4B07-940D-C0E312D11365",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "68727223-1523-467A-8AAA-ED3E4C6C4B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "682E551B-7B86-4161-84D5-6E1D9664A2A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "282FD7B0-6D3B-45A1-B717-15FB7A8128EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "09F85CA0-99C0-489D-BFF7-45D97C9DFC09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "9E919686-B384-4C33-8264-18B5140BB526",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "A6980636-7B47-4AAF-B261-13E0704FABF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "E14CBB9A-E9A4-4BAF-ADA9-DDCEEC93A0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_03:*:linux:*:*:*:*:*",
"matchCriteriaId": "4B652361-1C41-4C95-B92D-658BF7EA3C71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_03:*:solaris:*:*:*:*:*",
"matchCriteriaId": "54B0B095-269E-4566-BC50-60AAE568F2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_03:*:windows:*:*:*:*:*",
"matchCriteriaId": "E25DC9C3-60E9-4DBE-BE90-D0B04B63791A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_04:*:linux:*:*:*:*:*",
"matchCriteriaId": "99D8A546-E5A7-4958-846B-3822A64F1EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_04:*:solaris:*:*:*:*:*",
"matchCriteriaId": "888AE9B5-A998-4B59-99A3-F580A204D094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.0_04:*:windows:*:*:*:*:*",
"matchCriteriaId": "BAC8313C-8808-407D-A8F5-38995260039D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "B2F5A718-AB93-4C7F-80A8-9A90ECE2AC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C78AAFC5-05A6-47A2-A3B2-1B032C9169F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "8373EE84-FCAE-4CF7-BE9D-9588D05CA827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:update3:linux:*:*:*:*:*",
"matchCriteriaId": "15EEE9A7-2472-47EF-B27B-5EBB8019853C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:update3:solaris:*:*:*:*:*",
"matchCriteriaId": "0E7A4D91-8AC7-4092-910D-7DB2A962CA7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1:update3:windows:*:*:*:*:*",
"matchCriteriaId": "1CEBCC8A-4E92-4C7D-A237-11B582B7D01E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_01:*:linux:*:*:*:*:*",
"matchCriteriaId": "66004554-1B7E-4C6B-9BD8-344417DC6E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_01:*:solaris:*:*:*:*:*",
"matchCriteriaId": "1ADA6092-791D-4E94-954D-E3A7C944C1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_01:*:windows:*:*:*:*:*",
"matchCriteriaId": "5A53C9BC-941F-4C33-853B-0847FED5555D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_02:*:linux:*:*:*:*:*",
"matchCriteriaId": "81F98FE5-EC95-42AF-B8A0-D1DB6E7F2039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_02:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C888E7A0-9B40-4844-AE51-1A171E4C6A03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_02:*:windows:*:*:*:*:*",
"matchCriteriaId": "6411CD53-1B04-4F13-82B6-F705FE74DAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.1_07:*:windows:*:*:*:*:*",
"matchCriteriaId": "43DBA862-7CC3-4CCA-94C9-AC34F11DF962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:linux:*:*:*:*:*",
"matchCriteriaId": "1D1C4B12-6949-4399-BC8D-3B018213FF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:solaris:*:*:*:*:*",
"matchCriteriaId": "C2D0C960-CB1B-497A-AD00-23DAA9F1B091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "905D148D-1D5E-4B43-AA1C-9B2CA11C03FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update1:linux:*:*:*:*:*",
"matchCriteriaId": "6A6BFFD2-ECBC-4018-BABB-CA5F37530C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update1:solaris:*:*:*:*:*",
"matchCriteriaId": "FA51551F-38C8-457C-81FC-5F98722049B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update1:windows:*:*:*:*:*",
"matchCriteriaId": "51021C43-C439-4D09-AE5F-88A5FAFDBDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update2:linux:*:*:*:*:*",
"matchCriteriaId": "CF77B446-426C-4480-9B9A-DD98F7ED82AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update2:solaris:*:*:*:*:*",
"matchCriteriaId": "0A82749B-D28A-4C59-B30F-63092B139C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update2:windows:*:*:*:*:*",
"matchCriteriaId": "9705C47F-ED59-42A0-8B75-C534C7C982CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update3:linux:*:*:*:*:*",
"matchCriteriaId": "3F89801B-0FDF-4520-BDEE-ED6ED1BF49F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update3:solaris:*:*:*:*:*",
"matchCriteriaId": "886CC1D0-D7FB-4363-AC4E-AC8DFD37CBF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update3:windows:*:*:*:*:*",
"matchCriteriaId": "FC2844D6-9C67-4CAC-BCEB-0B15BEBC231F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update4:linux:*:*:*:*:*",
"matchCriteriaId": "82AD9323-B175-4A1B-A4E0-2EF8C60D39E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update4:solaris:*:*:*:*:*",
"matchCriteriaId": "A68926C4-4C4D-4BE9-8EF3-10C1E3479BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update4:windows:*:*:*:*:*",
"matchCriteriaId": "5F6BBD71-9910-457B-A884-7EABC3C34EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update5:linux:*:*:*:*:*",
"matchCriteriaId": "ED0E85FE-C504-451C-BD01-2F942D4F67C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update5:solaris:*:*:*:*:*",
"matchCriteriaId": "7258FCF5-CBC2-4392-BDA9-142FD6E40E48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:jre:1.4.2:update5:windows:*:*:*:*:*",
"matchCriteriaId": "8A7FC1CD-A1CF-4E8C-97EE-97231B8F22AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:conectiva:linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A35FC777-A34E-4C7B-9E93-8F17F3AD5180",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:ia64_64-bit:*:*:*:*:*",
"matchCriteriaId": "D73D159B-C3D8-4BBD-8BAA-E9E8D3AD3A04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages."
}
],
"id": "CVE-2004-1029",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-03-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13271"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29035"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/61"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
},
{
"source": "cve@mitre.org",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jouko.iki.fi/adv/javaplugin.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/61"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21257249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=158\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/760344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5674"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-0369
Vulnerability from fkie_nvd - Published: 2004-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html | Vendor Advisory | |
| cve@mitre.org | http://www.auscert.org.au/render.html?it=4339 | Vendor Advisory | |
| cve@mitre.org | http://www.ciac.org/ciac/bulletins/o-206.shtml | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/11039 | ||
| cve@mitre.org | http://xforce.iss.net/xforce/alerts/id/181 | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/15669 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.auscert.org.au/render.html?it=4339 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ciac.org/ciac/bulletins/o-206.shtml | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/11039 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://xforce.iss.net/xforce/alerts/id/181 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/15669 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| entrust | entrust_libkmp_isakmp_library | * | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | velociraptor | 1.5 | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5400 | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:entrust:entrust_libkmp_isakmp_library:*:*:*:*:*:*:*:*",
"matchCriteriaId": "302E62EC-C81E-4BD5-A8E0-0CC55F34BE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "8656778B-9299-436B-AF8A-64C042273751",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "78A16B88-E49B-4C4C-A82E-03511C99872D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "30BE919C-A7DF-46C3-BFF6-F0452F0FC434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C260200D-60D2-41E2-8F5C-50796EBBF8E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1B7CF42-F93E-48E6-BCD2-30B357F80DDA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload."
}
],
"id": "CVE-2004-0369",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/11039"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.auscert.org.au/render.html?it=4339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/o-206.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/11039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15669"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1754
Vulnerability from fkie_nvd - Published: 2004-06-15 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://lists.virus.org/bugtraq-0406/msg00234.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/11888 | Patch, Vendor Advisory | |
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/10557 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.virus.org/bugtraq-0406/msg00234.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/11888 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/10557 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 7.0.4 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | gateway_security | 5110_1.0 | |
| symantec | gateway_security | 5200_1.0 | |
| symantec | gateway_security | 5300_1.0 | |
| symantec | gateway_security | 5310_1.0 | |
| symantec | gateway_security | 5400_2.0 | |
| symantec | gateway_security | 5400_2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:solaris:*:*:*:*:*",
"matchCriteriaId": "78A16B88-E49B-4C4C-A82E-03511C99872D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0.4:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "30BE919C-A7DF-46C3-BFF6-F0452F0FC434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "593124AA-5952-4A7E-AB55-D5D851C5DE0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows_2000_nt:*:*:*:*:*",
"matchCriteriaId": "AD892E2E-E1C9-49A2-A42C-3B56F2B0BA4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5110_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3B647CBE-35DA-404C-BC71-0C378CC5CA1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EB8A732-3D37-4B96-8674-E03CC3826967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F702A853-EE1C-4937-AED9-FF11EE442F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F0043B75-B1FA-48F7-B0B8-DF25CE5CED1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B413854B-9D67-4FFA-81A7-884D3F473D06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5838D7A8-80F3-4571-80BE-D4AF0AA7F4C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records."
}
],
"id": "CVE-2004-1754",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-06-15T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11888"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://lists.virus.org/bugtraq-0406/msg00234.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.06.21.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10557"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1463
Vulnerability from fkie_nvd - Published: 2003-06-09 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.osvdb.org/855 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/5387 | ||
| cve@mitre.org | http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html | Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/12836 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/855 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5387 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/12836 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 6.5.2 | |
| symantec | enterprise_firewall | 7.0 | |
| symantec | raptor_firewall | 6.5 | |
| symantec | raptor_firewall | 6.5.3 | |
| symantec | velociraptor | model_500 | |
| symantec | velociraptor | model_700 | |
| symantec | velociraptor | model_1000 | |
| symantec | velociraptor | model_1100 | |
| symantec | velociraptor | model_1200 | |
| symantec | velociraptor | model_1300 | |
| symantec | gateway_security | 5110 | |
| symantec | gateway_security | 5200 | |
| symantec | gateway_security | 5300 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:6.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "60CD39A5-0059-4E17-8F4F-58F23589A408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_firewall:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "55B40C3E-2794-4310-97BC-D80069992C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2678E925-06BD-4C3F-8223-93E070B4035E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:raptor_firewall:6.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "53477F8E-F387-4266-88B7-1B1022E74F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_500:*:*:*:*:*:*:*",
"matchCriteriaId": "2BE710F1-F3AD-423B-A0DB-78D5F809D62E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_700:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F0486F-3101-4D7B-83C2-8E9F31802504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1000:*:*:*:*:*:*:*",
"matchCriteriaId": "155FE168-A185-4D4D-923B-207F0B26EE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB06031-2EF6-4E45-977D-F28D538FB773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1200:*:*:*:*:*:*:*",
"matchCriteriaId": "30475DFE-D476-4A6C-B851-139E927BAA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:velociraptor:model_1300:*:*:*:*:*:*:*",
"matchCriteriaId": "D9A2EDF6-46FF-4EF5-A37A-AAD06B9A51D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5110:*:*:*:*:*:*:*",
"matchCriteriaId": "7E42EDB2-616D-4915-9E41-7D80F32E4901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5200:*:*:*:*:*:*:*",
"matchCriteriaId": "1D1175AC-9310-4804-8FB3-2F988F55BD09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security:5300:*:*:*:*:*:*:*",
"matchCriteriaId": "FF09575E-83D3-4772-816B-7D639B1C32A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections."
},
{
"lang": "es",
"value": "Symantec Raptor Firewall 6.5 y 6.5.3, Enterprise Firewall 6.5.2 y 7.0, VelociRaptor modelos 500/700/1000 y 1100/1200/1300, y Gateway Security 5110/5200/5300 generan secuencias num\u00e9ricas iniciales (ISN) f\u00e1cilmente predecibles, lo que permitir\u00eda a atacantes remotos falsear conexiones."
}
],
"id": "CVE-2002-1463",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-06-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/855"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-07/0492.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12836"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}