CERTFR-2016-AVI-222
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Symantec. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Symantec | N/A | Symantec Critical System Protection (SCSP) version 5.2.9 MP6 sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Message Gateway for Service Providers (SMG-SP) version 10.6 sans le correctif de sécurité 253 | ||
| Symantec | N/A | Symantec Endpoint Protection pour Mac (SEP pour Mac) versions 12.1.6 MP4 et antérieures sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Data Center Server (SDCS:SA) version 6.6 MP1 sans le dernier correctif de sécurité | ||
| Symantec | N/A | Norton Security versions antérieures à 22.7 | ||
| Symantec | N/A | Symantec Endpoint Protection (SEP) versions antérieures à SEP 12.1 RU6 MP5 | ||
| Symantec | N/A | Norton Security pour Mac versions antérieures à 13.0.2 | ||
| Symantec | N/A | Norton 360 versions antérieures à 22.7 | ||
| Symantec | N/A | Symantec Message Gateway for Service Providers (SMG-SP) version 10.5 sans le correctif de sécurité 254 | ||
| Symantec | N/A | Norton AntiVirus versions antérieures à 22.7 | ||
| Symantec | N/A | Symantec CSAPI versions antérieures à 10.0.4 HF01 | ||
| Symantec | N/A | Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.5.4 et antérieures sans le correctif de sécurité SMSMSE_7.5_3966008_VHF1.2 | ||
| Symantec | N/A | Norton Power Eraser (NPE) versions antérieures à 5.1 | ||
| Symantec | N/A | Norton Bootable Removal Tool (NBRT) versions antérieures à 2016.1 | ||
| Symantec | N/A | Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.0.4 et antérieures sans le correctif de sécurité SMSMSE_7.0_3966002_HF1.1 | ||
| Symantec | N/A | Symantec Data Center Server (SDCS:SA) version 6.5 MP1 sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Email Security Server .Cloud (ESS) | ||
| Symantec | N/A | Symantec Endpoint Protection pour Linux (SEP pour Linux) versions antérieures à 12.1 RU6 MP5 | ||
| Symantec | N/A | Symantec Protection Engine (SPE) versions 7.5.4 antérieures à SPE 7.5.4 HF01 | ||
| Symantec | N/A | Symantec Protection Engine (SPE) versions 7.8 antérieures à SPE 7.8.0 HF01 | ||
| Symantec | N/A | Symantec Advanced Threat Protection (ATP) sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Embedded Systems Critical System Protection (SES:CSP) version 1.0 MP5 sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Web Gateway | ||
| Symantec | N/A | Norton Internet Security versions antérieures à 22.7 | ||
| Symantec | N/A | Symantec Web Security .Cloud | ||
| Symantec | N/A | Symantec Embedded Systems Critical System Protection (SES:CSP) version 6.5.0 MP1 sans le dernier correctif de sécurité | ||
| Symantec | N/A | Symantec Protection Engine (SPE) versions antérieures à SPE 7.0.5 HF01 | ||
| Symantec | N/A | Symantec Protection for SharePoint Servers (SPSS) version 6.0.6 sans le correctif de sécurité SSPSS_6.0.6_HF_1.6 | ||
| Symantec | N/A | Symantec Mail Security for Domino (SMSDOM) versions 8.0.9 et antérieures sans le correctif de sécurité SMSDOM_8.0.9_HF1.1 | ||
| Symantec | N/A | Symantec Message Gateway (SMG) versions antérieures à 10.6.1-4 | ||
| Symantec | N/A | Symantec Protection for SharePoint Servers (SPSS) versions 6.03 à 6.05 sans le correctif de sécurité SPSS_6.0.3_To_6.0.5_HF_1.5 | ||
| Symantec | N/A | Norton Security with Backup versions antérieures à 22.7 | ||
| Symantec | N/A | Symantec Protection Engine (SPE) versions 7.5.3 antérieures à SPE 7.5.3 HF03 | ||
| Symantec | N/A | Symantec Mail Security for Domino (SMSDOM) versions 8.1.3 et antérieures sans le correctif de sécurité SMSDOM_8.1.3_HF1.2 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Critical System Protection (SCSP) version 5.2.9 MP6 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Message Gateway for Service Providers (SMG-SP) version 10.6 sans le correctif de s\u00e9curit\u00e9 253",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Endpoint Protection pour Mac (SEP pour Mac) versions 12.1.6 MP4 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Center Server (SDCS:SA) version 6.6 MP1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Security versions ant\u00e9rieures \u00e0 22.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Endpoint Protection (SEP) versions ant\u00e9rieures \u00e0 SEP 12.1 RU6 MP5",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Security pour Mac versions ant\u00e9rieures \u00e0 13.0.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton 360 versions ant\u00e9rieures \u00e0 22.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Message Gateway for Service Providers (SMG-SP) version 10.5 sans le correctif de s\u00e9curit\u00e9 254",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton AntiVirus versions ant\u00e9rieures \u00e0 22.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec CSAPI versions ant\u00e9rieures \u00e0 10.0.4 HF01",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.5.4 et ant\u00e9rieures sans le correctif de s\u00e9curit\u00e9 SMSMSE_7.5_3966008_VHF1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Power Eraser (NPE) versions ant\u00e9rieures \u00e0 5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Bootable Removal Tool (NBRT) versions ant\u00e9rieures \u00e0 2016.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.0.4 et ant\u00e9rieures sans le correctif de s\u00e9curit\u00e9 SMSMSE_7.0_3966002_HF1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Data Center Server (SDCS:SA) version 6.5 MP1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Email Security Server .Cloud (ESS)",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Endpoint Protection pour Linux (SEP pour Linux) versions ant\u00e9rieures \u00e0 12.1 RU6 MP5",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection Engine (SPE) versions 7.5.4 ant\u00e9rieures \u00e0 SPE 7.5.4 HF01",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection Engine (SPE) versions 7.8 ant\u00e9rieures \u00e0 SPE 7.8.0 HF01",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Advanced Threat Protection (ATP) sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Embedded Systems Critical System Protection (SES:CSP) version 1.0 MP5 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Web Gateway",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Internet Security versions ant\u00e9rieures \u00e0 22.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Web Security .Cloud",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Embedded Systems Critical System Protection (SES:CSP) version 6.5.0 MP1 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection Engine (SPE) versions ant\u00e9rieures \u00e0 SPE 7.0.5 HF01",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection for SharePoint Servers (SPSS) version 6.0.6 sans le correctif de s\u00e9curit\u00e9 SSPSS_6.0.6_HF_1.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Domino (SMSDOM) versions 8.0.9 et ant\u00e9rieures sans le correctif de s\u00e9curit\u00e9 SMSDOM_8.0.9_HF1.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Message Gateway (SMG) versions ant\u00e9rieures \u00e0 10.6.1-4",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection for SharePoint Servers (SPSS) versions 6.03 \u00e0 6.05 sans le correctif de s\u00e9curit\u00e9 SPSS_6.0.3_To_6.0.5_HF_1.5",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton Security with Backup versions ant\u00e9rieures \u00e0 22.7",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Protection Engine (SPE) versions 7.5.3 ant\u00e9rieures \u00e0 SPE 7.5.3 HF03",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security for Domino (SMSDOM) versions 8.1.3 et ant\u00e9rieures sans le correctif de s\u00e9curit\u00e9 SMSDOM_8.1.3_HF1.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-2210",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2210"
},
{
"name": "CVE-2016-3644",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3644"
},
{
"name": "CVE-2016-2211",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2211"
},
{
"name": "CVE-2016-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2207"
},
{
"name": "CVE-2016-3645",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3645"
},
{
"name": "CVE-2016-2209",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2209"
}
],
"links": [
{
"title": "Blog Google Project Zero",
"url": "https://googleprojectzero.blogspot.fr/2016/06/how-to-compromise-enterprise-endpoint.html"
}
],
"reference": "CERTFR-2016-AVI-222",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-06-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Symantec\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Symantec",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM16-010 du 28 juin 2016",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…