FKIE_CVE-2009-3104

Vulnerability from fkie_nvd - Published: 2009-09-08 22:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors.
References
cve@mitre.orghttp://osvdb.org/57429
cve@mitre.orghttp://secunia.com/advisories/36493Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/34670
cve@mitre.orghttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_01
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/2449Vendor Advisory
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/52820
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/57429
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/36493Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34670
af854a3a-2127-422b-91ae-364da2661108http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_01
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2449Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/52820
Impacted products
Vendor Product Version
symantec antivirus 9.0
symantec antivirus 9.0
symantec antivirus 10.0
symantec antivirus 10.0
symantec antivirus 10.0
symantec antivirus 10.1
symantec antivirus 10.1
symantec antivirus 10.1
symantec antivirus 10.1
symantec antivirus 10.1
symantec antivirus 10.1
symantec antivirus 10.2
symantec antivirus 10.2
symantec client_security 2.0
symantec client_security 2.0
symantec client_security 3.0
symantec client_security 3.0
symantec client_security 3.0
symantec client_security 3.1
symantec client_security 3.1
symantec client_security 3.1
symantec client_security 3.1
symantec client_security 3.1
symantec norton_antivirus 2005
symantec norton_antivirus 2006
symantec norton_antivirus 2007
symantec norton_antivirus 2008
symantec norton_internet_security 2005
symantec norton_internet_security 2006
symantec norton_internet_security 2007
symantec norton_internet_security 2008
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:9.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "655D99D5-1805-4A6F-A5C1-FB4A8B3A6520",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:9.0:mr6:corporate:*:*:*:*:*",
              "matchCriteriaId": "BF932C81-A605-4A38-8642-A903692860BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
              "matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
              "matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
              "matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
              "matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
              "matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
              "matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
              "matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
              "matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
              "matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:2.0:mr6:*:*:*:*:*:*",
              "matchCriteriaId": "437DD896-93F5-49E1-AEE6-F7910F087FC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
              "matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
              "matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
              "matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
              "matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
              "matchCriteriaId": "7E5A8C92-95C4-4ECC-AEA4-37F830B890E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
              "matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Symantec Norton AntiVirus 2005 hasta 2008; Norton Internet Security 2005 hasta 2008; AntiVirus Corporate Edition v9.0 anteriores a MR7, v10.0, v10.1 anteriores a MR8, y v10.2 anteriores a MR3; y Client Security v2.0 anteriores a MR7, v3.0, y v3.1 anteriores a MR8; cuando Internet Email Scanning est\u00e1 instalado y habilitado, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (consumo CPU y p\u00e9rdida de conexi\u00f3n persistente) a trav\u00e9s de vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2009-3104",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-09-08T22:30:00.530",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/57429"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36493"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/34670"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2449"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/57429"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/2449"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.