All the vulnerabilites related to symantec - ngc
cve-2016-3644
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91431 | vdb-entry, x_refsource_BID | |
| https://www.exploit-db.com/exploits/40034/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40034/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40034/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91431",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91431"
},
{
"name": "40034",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40034/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3644",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2207
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/91434 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40031/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "91434",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40031/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "91434",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40031/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2207",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "91434",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91434"
},
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40031",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40031/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2207",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3646
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/91435 | vdb-entry, x_refsource_BID | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40036/ | exploit, x_refsource_EXPLOIT-DB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40036/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40036/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "91435",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91435"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40036",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40036/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3646",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2209
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.exploit-db.com/exploits/40037/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91436 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40037",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91436"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "40037",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91436"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2209",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40037",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91436",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91436"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2209",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-3645
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-06 00:03
Severity ?
EPSS score ?
Summary
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40035/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/91439 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:03:34.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-3645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40035",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"name": "91439",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-3645",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-03-23T00:00:00",
"dateUpdated": "2024-08-06T00:03:34.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2211
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/91438 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.599Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91438"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-31T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91438"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2211",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "91438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91438"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2211",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-2210
Vulnerability from cvelistv5
Published
2016-06-30 23:00
Modified
2024-08-05 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1036199 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1036198 | vdb-entry, x_refsource_SECTRACK | |
| https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | x_refsource_CONFIRM | |
| https://www.exploit-db.com/exploits/40032/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/bid/91437 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/91437"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-02T09:57:01",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"name": "1036199",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/91437"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-2210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1036199",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036199"
},
{
"name": "1036198",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1036198"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"name": "40032",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"name": "91437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91437"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-2210",
"datePublished": "2016-06-30T23:00:00",
"dateReserved": "2016-02-02T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
var-201606-0016
Vulnerability from variot
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory access violation ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing RAR Arbitrary code is executed via a file, or denial of service ( Memory access violation ) There is a possibility of being put into a state. Multiple Symantec products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the RAR decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0016",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.06"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "norton antivirus",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "norton security",
"scope": null,
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91434"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2207"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2207",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-2207",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-91026",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2207",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2207",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-626",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-91026",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2207",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory access violation ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing RAR Arbitrary code is executed via a file, or denial of service ( Memory access violation ) There is a possibility of being put into a state. Multiple Symantec products are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the RAR decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "BID",
"id": "91434"
},
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-91026",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40031",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2207",
"trust": 3.0
},
{
"db": "BID",
"id": "91434",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40031",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137706",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-91026",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2207",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"db": "BID",
"id": "91434"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "PACKETSTORM",
"id": "137706"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"id": "VAR-201606-0016",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.660000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62535"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/91434"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40031/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2207"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2207"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/en_us/article.symsa1371.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2207"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"db": "BID",
"id": "91434"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "PACKETSTORM",
"id": "137706"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91026"
},
{
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"db": "BID",
"id": "91434"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"db": "PACKETSTORM",
"id": "137706"
},
{
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-91026"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91434"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"date": "2016-06-29T00:18:23",
"db": "PACKETSTORM",
"id": "137706"
},
{
"date": "2016-06-30T23:59:01.150000",
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-91026"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2207"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91434"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003441"
},
{
"date": "2021-09-08T17:19:32.817000",
"db": "NVD",
"id": "CVE-2016-2207"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Vulnerability in arbitrary code execution in the product decompression engine",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003441"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-626"
}
],
"trust": 0.6
}
}
var-201606-0106
Vulnerability from variot
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data. plural Symantec Product decompression engine TNEF Unpacker contains an integer overflow vulnerability.Skillfully crafted by a third party TNEF There is a possibility of unspecified influence through the data. Multiple Symantec products are prone to an integer-overflow vulnerability. Successful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. An integer overflow vulnerability exists in the TNEF unpacker of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0106",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "advanced threat protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91439"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3645"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
],
"trust": 0.6
},
"cve": "CVE-2016-3645",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-3645",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-92464",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3645",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3645",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-631",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-92464",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-3645",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data. plural Symantec Product decompression engine TNEF Unpacker contains an integer overflow vulnerability.Skillfully crafted by a third party TNEF There is a possibility of unspecified influence through the data. Multiple Symantec products are prone to an integer-overflow vulnerability. \nSuccessful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. An integer overflow vulnerability exists in the TNEF unpacker of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "BID",
"id": "91439"
},
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-92464",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40035",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3645",
"trust": 2.9
},
{
"db": "BID",
"id": "91439",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40035",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137710",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-92464",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-3645",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"db": "BID",
"id": "91439"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"id": "VAR-201606-0106",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.520000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product Integer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62540"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/91439"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3645"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3645"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/189.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=49055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"db": "BID",
"id": "91439"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92464"
},
{
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"db": "BID",
"id": "91439"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-92464"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91439"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"date": "2016-06-30T23:59:06.747000",
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-92464"
},
{
"date": "2020-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3645"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91439"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003446"
},
{
"date": "2020-05-11T19:23:07.310000",
"db": "NVD",
"id": "CVE-2016-3645"
},
{
"date": "2019-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Product decompression engine TNEF Unpacker integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003446"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-631"
}
],
"trust": 0.6
}
}
var-201606-0018
Vulnerability from variot
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2LHA.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. Successful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts will likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "data center security server",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.06"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "advanced threat protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "message gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2210"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2210",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2210",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-91029",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-2210",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2210",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-628",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-91029",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2210",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2LHA.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. \nSuccessful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts will likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "BID",
"id": "91437"
},
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-91029",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40032",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2210",
"trust": 2.9
},
{
"db": "BID",
"id": "91437",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40032",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137707",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-91029",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2210",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"db": "BID",
"id": "91437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"id": "VAR-201606-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.623000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62537"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/91437"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2210"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2210"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=47120"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"db": "BID",
"id": "91437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91029"
},
{
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"db": "BID",
"id": "91437"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-91029"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91437"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"date": "2016-06-30T23:59:03.667000",
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-91029"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2210"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91437"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003443"
},
{
"date": "2021-09-08T17:19:32.963000",
"db": "NVD",
"id": "CVE-2016-2210"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Product decompression engine Dec2LHA.dll Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003443"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-628"
}
],
"trust": 0.6
}
}
var-201606-0107
Vulnerability from variot
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory access violation ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing ZIP Arbitrary code may be executed via the archive, or denial of service ( Memory access violation ) There is a possibility of being put into a state. Multiple Symantec Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service condition. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the ZIP decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0107",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.9,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "advanced threat protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3646"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
],
"trust": 0.6
},
"cve": "CVE-2016-3646",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-3646",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-92465",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3646",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3646",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-632",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-92465",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-3646",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory access violation ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing ZIP Arbitrary code may be executed via the archive, or denial of service ( Memory access violation ) There is a possibility of being put into a state. Multiple Symantec Products are prone to a denial-of-service vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the ZIP decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "BID",
"id": "91435"
},
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-92465",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40036",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3646",
"trust": 2.9
},
{
"db": "BID",
"id": "91435",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40036",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137711",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-92465",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-3646",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"db": "BID",
"id": "91435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"id": "VAR-201606-0107",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.443000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62541"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/91435"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40036/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3646"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3646"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/en_us/article.symsa1371.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"db": "BID",
"id": "91435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92465"
},
{
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"db": "BID",
"id": "91435"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-92465"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91435"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"date": "2016-06-30T23:59:07.763000",
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-92465"
},
{
"date": "2020-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3646"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91435"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003447"
},
{
"date": "2020-05-11T19:23:07.310000",
"db": "NVD",
"id": "CVE-2016-3646"
},
{
"date": "2019-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Vulnerability in arbitrary code execution in the product decompression engine",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003447"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-632"
}
],
"trust": 0.6
}
}
var-201606-0105
Vulnerability from variot
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory corruption ) There are vulnerabilities that are put into a state.The message was changed by a third party MIME Arbitrary code is executed via data, or denial of service ( Memory corruption ) There is a possibility of being put into a state. Multiple Symantec products are prone to a memory-corruption vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0105",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "protection engine",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "protection for sharepoint servers",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "advanced threat protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91431"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3644"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
],
"trust": 0.6
},
"cve": "CVE-2016-3644",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-3644",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-92463",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3644",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3644",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-630",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-92463",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-3644",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory corruption ) There are vulnerabilities that are put into a state.The message was changed by a third party MIME Arbitrary code is executed via data, or denial of service ( Memory corruption ) There is a possibility of being put into a state. Multiple Symantec products are prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "BID",
"id": "91431"
},
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-92463",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40034",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3644",
"trust": 2.9
},
{
"db": "BID",
"id": "91431",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40034",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137709",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-92463",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-3644",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"db": "BID",
"id": "91431"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"id": "VAR-201606-0105",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.732000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62539"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/91431"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40034/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3644"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3644"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/20.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/en_us/article.symsa1371.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"db": "BID",
"id": "91431"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-92463"
},
{
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"db": "BID",
"id": "91431"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-92463"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91431"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"date": "2016-06-30T23:59:05.760000",
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-92463"
},
{
"date": "2020-05-11T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3644"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91431"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003445"
},
{
"date": "2020-05-11T19:23:07.310000",
"db": "NVD",
"id": "CVE-2016-3644"
},
{
"date": "2019-07-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Vulnerability in arbitrary code execution in the product decompression engine",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003445"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-630"
}
],
"trust": 0.6
}
}
var-201606-0019
Vulnerability from variot
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory corruption ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing CAB Arbitrary code is executed via a file, or denial of service ( Memory corruption ) There is a possibility of being put into a state. Multiple Symantec products are prone to a memory-corruption vulnerability. An attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the CAB decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.06"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91438"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2211",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-2211",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-91030",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2211",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2211",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-629",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-91030",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2211",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression. plural Symantec The product decompression engine could execute arbitrary code or interfere with service operation ( Memory corruption ) There are vulnerabilities that are put into a state.Skillfully crafted by a third party to be processed incorrectly during thawing CAB Arbitrary code is executed via a file, or denial of service ( Memory corruption ) There is a possibility of being put into a state. Multiple Symantec products are prone to a memory-corruption vulnerability. \nAn attacker can exploit this issue to cause denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. A memory corruption vulnerability exists in the CAB decompression process of the AntiVirus Decomposer engine of several Symantec and Norton products. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "BID",
"id": "91438"
},
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "VULMON",
"id": "CVE-2016-2211"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2211",
"trust": 2.9
},
{
"db": "BID",
"id": "91438",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137708",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-91030",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2211",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"db": "BID",
"id": "91438"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"id": "VAR-201606-0019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91030"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.697000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product memory corruption vulnerability fixes",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62538"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/91438"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2211"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2211"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/en_us/article.symsa1371.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"db": "BID",
"id": "91438"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91030"
},
{
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"db": "BID",
"id": "91438"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-91030"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91438"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"date": "2016-06-30T23:59:04.730000",
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-91030"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2211"
},
{
"date": "2016-07-06T15:08:00",
"db": "BID",
"id": "91438"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003444"
},
{
"date": "2021-09-08T17:19:33",
"db": "NVD",
"id": "CVE-2016-2211"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Vulnerability in arbitrary code execution in the product decompression engine",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003444"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-629"
}
],
"trust": 0.6
}
}
var-201606-0017
Vulnerability from variot
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2SS.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. Successful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201606-0017",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "6.5.8"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "7.8.0"
},
{
"model": "norton security",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "13.0.1"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.06"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton power eraser",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.04"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "mail security for domino",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.3"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.05"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "10.5"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.6.1-3"
},
{
"model": "data center security server",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "ngc",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "22.6"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for microsoft exchange",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton bootable removal tool",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "6.03"
},
{
"model": "protection engine",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.0"
},
{
"model": "csapi",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "*"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.9,
"vendor": "symantec",
"version": "8.0.9"
},
{
"model": "norton security with backup",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.8.0"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.5"
},
{
"model": "norton 360",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.5.4 and earlier"
},
{
"model": "web gateway",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton security with backup",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.0.9 and earlier"
},
{
"model": "advanced threat protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(atp) 2.0.3 and earlier"
},
{
"model": "norton bootable removal tool",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "csapi",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "10.0.4 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac (sep for mac) 12.1.6 mp4 and earlier"
},
{
"model": "message gateway for service providers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg-sp) 10.6"
},
{
"model": "protection for sharepoint servers",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.03 to 6.05"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 6.5.8"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5mp1"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "for linux (sep for linux) 12.1.6 mp4 and earlier"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.0.4 and earlier"
},
{
"model": "norton security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "for mac 13.0.2"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "protection for sharepoint servers",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spss) 6.0.6 and earlier"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsmse) 7.5.4 and earlier"
},
{
"model": "norton security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(npe) 5.1"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(nbrt) 2016.1"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(sep) 12.1.6 mp4 and earlier"
},
{
"model": "norton product family",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.0mp1"
},
{
"model": "data center security:server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "(sdcs:s) 6.6mp1"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "ngc 22.7"
},
{
"model": "message gateway",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smg) 10.6.1-3 and earlier"
},
{
"model": "norton antivirus",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton product family",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "norton power eraser",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "mail security for domino",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(smsdom) 8.1.3 and earlier"
},
{
"model": "norton internet security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "everything"
},
{
"model": "protection engine",
"scope": "lte",
"trust": 0.8,
"vendor": "symantec",
"version": "(spe) 7.0.5 and earlier"
},
{
"model": "email security server",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": ".cloud (ess)"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "advanced threat protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.0.4"
},
{
"model": "protection engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton bootable removal tool",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "2016.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "7.5.4"
},
{
"model": "norton power eraser",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "csapi",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.4"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.3"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.9"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.8"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.7"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.6"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.11"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10.382"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.10"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.5.5"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.13"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.12"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.0.1"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.7.373"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.6.368"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.4.363"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.0.024"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.8.120"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.6.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.3"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.2"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.10"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.9"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.7"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.6"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.325"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0.47"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.4"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0.8"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.5.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.4.29"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.3.25"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.12"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.11"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5.0.19"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.4.32"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.1.2.28"
},
{
"model": "mail security for domino",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1.9.37"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11"
}
],
"sources": [
{
"db": "BID",
"id": "91436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"cpe_name": [],
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2209"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tavis Ormandy with Google\u0027s Project Zero",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2209",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2209",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-91028",
"impactScore": 8.5,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.3,
"baseSeverity": "High",
"confidentialityImpact": "Low",
"exploitabilityScore": null,
"id": "CVE-2016-2209",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2209",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201606-627",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-91028",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2209",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2SS.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. \nSuccessful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "BID",
"id": "91436"
},
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-91028",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=40037",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2209",
"trust": 2.9
},
{
"db": "BID",
"id": "91436",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1036199",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1036198",
"trust": 1.8
},
{
"db": "EXPLOIT-DB",
"id": "40037",
"trust": 1.8
},
{
"db": "USCERT",
"id": "TA16-187A",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "137712",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-91028",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2209",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"db": "BID",
"id": "91436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"id": "VAR-201606-0017",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:03:18.480000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM16-010",
"trust": 0.8,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"title": "Multiple Symantec and Norton Product Buffer Overflow Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62536"
},
{
"title": "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=2d4155876d3176fc7fb3548ce33b0a8f"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "http://www.securityfocus.com/bid/91436"
},
{
"trust": 1.9,
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036198"
},
{
"trust": 1.8,
"url": "http://www.securitytracker.com/id/1036199"
},
{
"trust": 1.7,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2209"
},
{
"trust": 0.8,
"url": "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html"
},
{
"trust": 0.8,
"url": "http://jvn.jp/ta/jvnta99096686/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2209"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ncas/alerts/ta16-187a"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=\u0026amp;suid=20160628_00"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://support.symantec.com/en_us/article.symsa1371.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"db": "BID",
"id": "91436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91028"
},
{
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"db": "BID",
"id": "91436"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-06-30T00:00:00",
"db": "VULHUB",
"id": "VHN-91028"
},
{
"date": "2016-06-30T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"date": "2016-06-28T00:00:00",
"db": "BID",
"id": "91436"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"date": "2016-06-30T23:59:02.497000",
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"date": "2016-06-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-05-11T00:00:00",
"db": "VULHUB",
"id": "VHN-91028"
},
{
"date": "2021-09-08T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2209"
},
{
"date": "2016-07-05T22:43:00",
"db": "BID",
"id": "91436"
},
{
"date": "2016-07-07T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003442"
},
{
"date": "2021-09-08T17:19:32.927000",
"db": "NVD",
"id": "CVE-2016-2209"
},
{
"date": "2019-08-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Product decompression engine Dec2SS.dll Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003442"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201606-627"
}
],
"trust": 0.6
}
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Dec2SS.dll en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2016-2209",
"lastModified": "2024-11-21T02:48:02.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:02.497",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91436"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91436"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40037/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@symantec.com | http://www.securityfocus.com/bid/91438 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1036198 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | http://www.securitytracker.com/id/1036199 | Third Party Advisory, VDB Entry | |
| secure@symantec.com | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/91438 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036198 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1036199 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un archivo CAB manipulado que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-2211",
"lastModified": "2024-11-21T02:48:03.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:04.730",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91438"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linuxen versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de datos MIME modificados en un mensaje."
}
],
"id": "CVE-2016-3644",
"lastModified": "2024-11-21T02:50:26.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:05.760",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40034/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40034/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en veriones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1; y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (violaci\u00f3n de acceso a memoria) a trav\u00e9s de un archivo RAR manipulado que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-2207",
"lastModified": "2024-11-21T02:48:02.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:01.150",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40031/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91434"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40031/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:48
Severity ?
Summary
Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "4CB9099B-FB1D-439B-BEAC-23D199542256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "4AED9F60-CCEA-43EF-93B4-2C13F5574BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "24F42E84-1AB9-45CF-ABE7-17911915606A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A5393B-BC84-4590-9779-3A6752EC767F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "9F6B238A-F29B-4FBD-8212-4ECEA485CBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Dec2LHA.dll en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2016-2210",
"lastModified": "2024-11-21T02:48:02.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 8.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:03.667",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91437"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40032/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression."
},
{
"lang": "es",
"value": "El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en veriones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1; y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (violaci\u00f3n de acceso a memoria) a trav\u00e9s de un archivo ZIP que es manejado incorrectamente durante la descompresi\u00f3n."
}
],
"id": "CVE-2016-3646",
"lastModified": "2024-11-21T02:50:27.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:07.763",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40036/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40036/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-06-30 23:59
Modified
2024-11-21 02:50
Severity ?
Summary
Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
"matchCriteriaId": "0C78C906-E9C6-4068-9A6F-3998E7741059",
"versionEndIncluding": "13.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "56A57E41-7739-490E-ADD2-05B006148223",
"versionEndIncluding": "7.0.5",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD8F7EBB-8ACA-471F-9557-2A3C8E14A05F",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "580CEE93-D3FA-4D94-909B-DCBD18889E7F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6239DAA-EEB3-4483-9DAD-BC0D571BF29A",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64EFED02-BE21-40C2-B9DF-E2DEFE675A9F",
"versionEndIncluding": "2016.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A33DC725-184F-47DA-BE64-D90540B3B7AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "36039D60-BB6E-4701-B90E-D2954600386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CFC20B-2B5D-4E00-B62A-A95B593544DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
"matchCriteriaId": "39B85357-FE30-4BC2-8A2C-CE9C4383C777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AF15255A-1818-4554-86F6-C553087DBCBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "24823086-8771-4495-8DCB-47F1AF27988E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2DE4FB61-2CCC-41DD-8F06-65DE35A98E75",
"versionEndIncluding": "6.0.6",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:protection_for_sharepoint_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA33EC1-D6B3-47D1-BCA1-399BC95187A1",
"versionEndIncluding": "6.05",
"versionStartIncluding": "6.03",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "361DA2D7-C3CC-41A2-A39D-4DA2AFE31A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00B021EA-7B32-461A-9937-58AA646B62EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B105323B-438B-4506-9575-5D55AB837D53",
"versionEndIncluding": "10.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9A310968-717F-4DE8-88EA-E1CF7B842121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
"matchCriteriaId": "40DAC718-5E21-4616-AA68-F46E9D0DC5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
"matchCriteriaId": "E94A3EEE-61B5-47CD-B880-9E09F56BDAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
"matchCriteriaId": "1FF40801-FB4E-4708-85BD-CF22AB67AEE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
"matchCriteriaId": "9844DFD0-3834-4E3C-BE61-D7C1A6D5C76D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:linux:*:*",
"matchCriteriaId": "ED771B06-2BD2-4B5D-9F91-B5377595E931",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:macos:*:*",
"matchCriteriaId": "12B8F2F5-0929-4B95-B6C3-33581F489AF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "679C5062-D79D-4FE2-8764-9D6FFB1A87D6",
"versionEndIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC90DD4-8E70-4C5E-999C-C5E1F7483181",
"versionEndIncluding": "8.0.9",
"versionStartIncluding": "8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1AFC2C12-8952-4D10-A8DF-6F1092DEADD6",
"versionEndIncluding": "8.1.3",
"versionStartIncluding": "8.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18E0EBEA-966E-4A26-82F8-2451BBE2996D",
"versionEndIncluding": "7.0.4",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E786080F-C93C-4AAF-9752-6174E0F12D0A",
"versionEndIncluding": "7.5.4",
"versionStartIncluding": "7.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9042F0E1-F41D-4A9F-A3E8-07B2626B433F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D9E9B7-0F13-4D0F-95CB-3ECEABBD6E44",
"versionEndIncluding": "10.6.1-3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "40F434A2-9094-46E3-8A2C-E166FE2D296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A58C09D-72A0-48E1-ABF0-49EBECA5D02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "24796276-EB93-4499-AF41-E7608CB211B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3937479-A204-4308-901A-CF423667CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "740DB7AB-6027-4232-85AD-F30B37826B35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A6B2-C4B9-4CA3-93E7-77737C29744E",
"versionEndIncluding": "22.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data."
},
{
"lang": "es",
"value": "Desbordamiento de entero en el desempaquetado TNEF en el motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versi\u00f3n 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versi\u00f3n 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1 y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos tener un impacto no especificado a trav\u00e9s de datos TNEF manipulados."
}
],
"id": "CVE-2016-3645",
"lastModified": "2024-11-21T02:50:26.927",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-06-30T23:59:06.747",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91439"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/91439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1036199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/40035/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}