var-200502-0085
Vulnerability from variot
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. The Symantec AntiVirus Library DEC2EXE component is vulnerable to remote arbitrary code execution. Various Symantec products are reported prone to a remote heap overflow vulnerability. This issue affects the UPX Parsing Engine shipped with the products. The Symantec Antivirus library is used to parse different file formats to detect malicious programs, and one of the modules, DEC2EXE, is used to detect UPX file formats. The module of the Symantec Antivirus library used to detect UPX files lacks correct handling of virtual file offsets. Remote attackers can exploit this vulnerability to construct malicious UPX files, trick users into processing them, and possibly execute arbitrary commands on the system with user process privileges. TITLE: Symantec Multiple Products UPX Parsing Engine Buffer Overflow
SECUNIA ADVISORY ID: SA14179
VERIFY ADVISORY: http://secunia.com/advisories/14179/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
OPERATING SYSTEM: Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Gateway Security 2.x http://secunia.com/product/3104/
SOFTWARE: Norton Internet Security 2004 http://secunia.com/product/2441/ Norton Internet Security 2004 Professional http://secunia.com/product/2442/ Norton SystemWorks 2004 http://secunia.com/product/2796/ Symantec AntiVirus Corporate Edition 8.x http://secunia.com/product/659/ Symantec AntiVirus Corporate Edition 9.x http://secunia.com/product/3549/ Symantec AntiVirus for Caching 4.x http://secunia.com/product/4626/ Symantec AntiVirus for Network Attached Storage 4.x http://secunia.com/product/4625/ Symantec AntiVirus for SMTP Gateways 3.x http://secunia.com/product/2231/ Symantec AntiVirus Scan Engine 4.x http://secunia.com/product/3040/ Symantec AntiVirus/Filtering for Domino http://secunia.com/product/2029/ Symantec Brightmail AntiSpam 4.x http://secunia.com/product/4627/ Symantec Brightmail AntiSpam 5.x http://secunia.com/product/4628/ Symantec Client Security 1.x http://secunia.com/product/2344/ Symantec Client Security 2.x http://secunia.com/product/3478/ Symantec Mail Security for Exchange 4.x http://secunia.com/product/2820/ Symantec Mail Security for SMTP 4.x http://secunia.com/product/3558/ Symantec Norton AntiVirus 2004 http://secunia.com/product/2800/ Symantec Norton AntiVirus for Microsoft Exchange 2.x http://secunia.com/product/1017/ Symantec Web Security 3.x http://secunia.com/product/2813/
DESCRIPTION: ISS X-Force has reported a vulnerability in multiple Symantec products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the DEC2EXE parsing engine used by the antivirus scanning functionality when processing UPX compressed files. This can be exploited to cause a heap-based buffer overflow via a specially crafted UPX file.
The vulnerability affects the following products: * Norton AntiVirus for Microsoft Exchange 2.1 (prior to build 2.18.85) * Symantec Mail Security for Microsoft Exchange 4.0 (prior to build 4.0.10.465) * Symantec Mail Security for Microsoft Exchange 4.5 (prior to build 4.5.3) * Symantec AntiVirus/Filtering for Domino NT 3.1 (prior to build 3.1.1) * Symantec Mail Security for Domino 4.0 (prior to build 4.0.1) * Symantec AntiVirus/Filtering for Domino Ports 3.0 for AIX (prior to build 3.0.6) * Symantec AntiVirus/Filtering for Domino Ports 3.0 for OS400, Linux, Solaris (prior to build 3.0.7) * Symantec AntiVirus Scan Engine 4.3 (prior to build 4.3.3) * Symantec AntiVirus for Network Attached Storage (prior to build 4.3.3) * Symantec AntiVirus for Caching (prior to build 4.3.3) * Symantec AntiVirus for SMTP 3.1 (prior to build 3.1.7) * Symantec Mail Security for SMTP 4.0 (prior to build 4.0.2) * Symantec Web Security 3.0 (prior to build 3.0.1.70) * Symantec BrightMail AntiSpam 4.0 * Symantec BrightMail AntiSpam 5.5 * Symantec AntiVirus Corporate Edition 9.0 (prior to build 9.01.1000) * Symantec AntiVirus Corporate Edition 8.01, 8.1.1 * Symantec Client Security 2.0 (prior to build 9.01.1000) * Symantec Client Security 1.0 * Symantec Gateway Security 2.0, 2.0.1 - 5400 Series * Symantec Gateway Security 1.0 - 5300 Series * Symantec Norton Antivirus 2004 for Windows * Symantec Norton Internet Security 2004 (pro) for Windows * Symantec Norton System Works 2004 for Windows * Symantec Norton Antivirus 2004 for Macintosh * Symantec Norton Internet Security 2004 for Macintosh * Symantec Norton System Works 2004 for Macintosh * Symantec Norton Antivirus 9.0 for Macintosh * Symantec Norton Internet Security for Macintosh 3.0 * Symantec Norton System Works for Macintosh 3.0
SOLUTION: Updates are available (see the vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Alex Wheeler, ISS X-Force.
ORIGINAL ADVISORY: Symantec: http://www.sarc.com/avcenter/security/Content/2005.02.08.html
ISS X-Force: http://xforce.iss.net/xforce/alerts/id/187
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200502-0085",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.460"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.434"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.464"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "1.0.1_build_8.01.437"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.437"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0.1_build_8.01.457"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.319"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.68"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.67"
},
{
"model": "sav filter domino nt ports",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "build3.0.5"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.457"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr1_build_8.1.1.314a"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.434"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2004"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.62"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0.1_build_8.01.446"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0.1_build_8.01.471"
},
{
"model": "sav filter for domino nt",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.1.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr3_build_8.1.1.323"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "brightmail antispam",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "brightmail antispam",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "5.5"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2004"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.63"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1_build8.1.1.314a"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.60"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.471"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr2_build_8.1.1.319"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.18_build_83"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.323"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.1.1.329"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr4_build_8.1.1.329"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.59"
},
{
"model": "mail security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "4.5_build_719"
},
{
"model": "web security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.01.61"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.446"
},
{
"model": "antivirus scan engine",
"scope": "lt",
"trust": 1.0,
"vendor": "symantec",
"version": "4.3.3"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.464"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "8.01.460"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.1.1_mr5_build_8.1.1.336"
},
{
"model": "antivirus/filtering for domino ports build",
"scope": "eq",
"trust": 0.9,
"vendor": "symantec",
"version": "3.03.0.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.5"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.4"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.3"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.2"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.6"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "3.1.1"
},
{
"model": "web security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton system works for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton system works for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton system works for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton internet security for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton internet security for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton internet security for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1"
},
{
"model": "norton antivirus for microsoft exchange build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1883"
},
{
"model": "norton antivirus for macintosh corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "norton antivirus for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "norton antivirus for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "norton antivirus for macintosh",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "mail security for smtp",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for microsoft exchange build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5719"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5"
},
{
"model": "mail security for microsoft exchange build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1459"
},
{
"model": "mail security for microsoft exchange build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1458"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1461"
},
{
"model": "mail security for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "mail security for domino build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.04.0.1"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0.1"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "54002.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "53001.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "client security mr5 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.336"
},
{
"model": "client security mr4 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.329"
},
{
"model": "client security mr3 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.323"
},
{
"model": "client security mr2 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.18.1.1.319"
},
{
"model": "client security mr1 build 8.1.1.314a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security mr8 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.471"
},
{
"model": "client security mr7 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.464"
},
{
"model": "client security mr6 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.460"
},
{
"model": "client security mr5 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.457"
},
{
"model": "client security mr4 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.446"
},
{
"model": "client security mr3 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.434"
},
{
"model": "client security build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.18.01.437"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "brightmail anti-spam",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.5"
},
{
"model": "brightmail anti-spam",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus/filtering for domino ports",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "antivirus/filtering for domino nt",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "antivirus scan engine for netapp netcache",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for netapp netcache",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus scan engine for netapp filer",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for netapp filer",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus scan engine for isa",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for isa",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus scan engine for filers",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for caching",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for bluecoat",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for bluecoat",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.6"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.5"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.4"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.3"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.2"
},
{
"model": "antivirus for smtp build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.13.1.1"
},
{
"model": "antivirus for smtp",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "antivirus for network attached storage",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "antivirus for caching",
"scope": null,
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.329"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.323"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.18.1.1.319"
},
{
"model": "antivirus corporate edition build 8.1.1.314a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.471"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.464"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.460"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.457"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.446"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.437"
},
{
"model": "antivirus corporate edition build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.18.01.434"
},
{
"model": "antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01"
},
{
"model": "web security build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.13.01.59"
},
{
"model": "web security build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.13.0.1.72"
},
{
"model": "web security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.1.70"
},
{
"model": "norton systemworks",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton system works for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton system works for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton system works premier",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2005"
},
{
"model": "norton internet security for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "norton internet security for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "norton internet security",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2005"
},
{
"model": "norton internet security professional edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.18.88"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.18.85"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.18.82"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.1"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "norton antivirus for ms exchange",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.5"
},
{
"model": "norton antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.6"
},
{
"model": "norton antivirus for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0"
},
{
"model": "norton antivirus for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "norton antivirus for macintosh",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton antivirus",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2005"
},
{
"model": "norton antivirus",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "20030"
},
{
"model": "mail-gear",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "mail-gear",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "mail security for smtp",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.697"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5743"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5741"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.5736"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0465"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0463"
},
{
"model": "mail security for microsoft exchange build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0456"
},
{
"model": "mail security for domino",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.1"
},
{
"model": "mail security for domino",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.0.1"
},
{
"model": "mail security for domino build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.04.0.1"
},
{
"model": "i-gear ms proxy",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.5"
},
{
"model": "client security for nokia communicator",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "client security mr3 b9.0.3.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.3"
},
{
"model": "client security mr2 b9.0.2.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.2"
},
{
"model": "client security mr1 b9.0.1.1000",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.0.1"
},
{
"model": "client security stm build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2.09.0.0.338"
},
{
"model": "client security mr6 b8.1.1.266",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1.1"
},
{
"model": "client security stm b8.1.0.825a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.1"
},
{
"model": "client security mr9 b8.01.501",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security mr2 b8.01.429c",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security mr1 b8.01.425a/b",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.1"
},
{
"model": "client security b8.01.9378",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0.0"
},
{
"model": "client security b8.01.9374",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "brightmail anti-spam",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0.1"
},
{
"model": "brightmail anti-spam",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "6.0"
},
{
"model": "antivirus/filtering for domino ports",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.7"
},
{
"model": "antivirus/filtering for domino ports",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.6"
},
{
"model": "antivirus/filtering for domino ports",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.5"
},
{
"model": "antivirus/filtering for domino nt",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.1"
},
{
"model": "antivirus/filtering for domino nt",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "antivirus scan engine for netapp netcache build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.34.3.3"
},
{
"model": "antivirus scan engine for netapp filer build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.34.3.3"
},
{
"model": "antivirus scan engine for microsoft portal",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3"
},
{
"model": "antivirus scan engine for isa build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.34.3.3"
},
{
"model": "antivirus scan engine for filers build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.34.3.3"
},
{
"model": "antivirus scan engine for bluecoat build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.34.3.3"
},
{
"model": "antivirus scan engine",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3.3"
},
{
"model": "antivirus for smtp",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.7"
},
{
"model": "antivirus for smtp build",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.03.0.0.29"
},
{
"model": "antivirus for ms office sharepoint portal server",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "antivirus for microsoft office",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "antivirus for handhelds corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "antivirus for handhelds",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.0.194"
},
{
"model": "antivirus for handhelds",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "antivirus for caching",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "4.3.3"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.3.1000"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.2.1000"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.1.1.1000"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "9.0.0.338"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1.1.366"
},
{
"model": "antivirus corporate edition .0.825a",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.1"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.9378"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.9374"
},
{
"model": "antivirus corporate edition",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.01.501"
},
{
"model": "antivirus corporate edition 1.429c",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "antivirus corporate edition 1.425a/b",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "antispam for smtp",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "BID",
"id": "12492"
},
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:antivirus_scan_engine:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.3.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0249"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alex Wheeler",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
],
"trust": 0.6
},
"cve": "CVE-2005-0249",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-11458",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-0249",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#107822",
"trust": 0.8,
"value": "20.14"
},
{
"author": "CNNVD",
"id": "CNNVD-200502-011",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-11458",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "VULHUB",
"id": "VHN-11458"
},
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. The Symantec AntiVirus Library DEC2EXE component is vulnerable to remote arbitrary code execution. Various Symantec products are reported prone to a remote heap overflow vulnerability. This issue affects the UPX Parsing Engine shipped with the products. The Symantec Antivirus library is used to parse different file formats to detect malicious programs, and one of the modules, DEC2EXE, is used to detect UPX file formats. The module of the Symantec Antivirus library used to detect UPX files lacks correct handling of virtual file offsets. Remote attackers can exploit this vulnerability to construct malicious UPX files, trick users into processing them, and possibly execute arbitrary commands on the system with user process privileges. \nTITLE:\nSymantec Multiple Products UPX Parsing Engine Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA14179\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/14179/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\n\nSOFTWARE:\nNorton Internet Security 2004\nhttp://secunia.com/product/2441/\nNorton Internet Security 2004 Professional\nhttp://secunia.com/product/2442/\nNorton SystemWorks 2004\nhttp://secunia.com/product/2796/\nSymantec AntiVirus Corporate Edition 8.x\nhttp://secunia.com/product/659/\nSymantec AntiVirus Corporate Edition 9.x\nhttp://secunia.com/product/3549/\nSymantec AntiVirus for Caching 4.x\nhttp://secunia.com/product/4626/\nSymantec AntiVirus for Network Attached Storage 4.x\nhttp://secunia.com/product/4625/\nSymantec AntiVirus for SMTP Gateways 3.x\nhttp://secunia.com/product/2231/\nSymantec AntiVirus Scan Engine 4.x\nhttp://secunia.com/product/3040/\nSymantec AntiVirus/Filtering for Domino\nhttp://secunia.com/product/2029/\nSymantec Brightmail AntiSpam 4.x\nhttp://secunia.com/product/4627/\nSymantec Brightmail AntiSpam 5.x\nhttp://secunia.com/product/4628/\nSymantec Client Security 1.x\nhttp://secunia.com/product/2344/\nSymantec Client Security 2.x\nhttp://secunia.com/product/3478/\nSymantec Mail Security for Exchange 4.x\nhttp://secunia.com/product/2820/\nSymantec Mail Security for SMTP 4.x\nhttp://secunia.com/product/3558/\nSymantec Norton AntiVirus 2004\nhttp://secunia.com/product/2800/\nSymantec Norton AntiVirus for Microsoft Exchange 2.x\nhttp://secunia.com/product/1017/\nSymantec Web Security 3.x\nhttp://secunia.com/product/2813/\n\nDESCRIPTION:\nISS X-Force has reported a vulnerability in multiple Symantec\nproducts, which can be exploited by malicious people to compromise a\nvulnerable system. \n\nThe vulnerability is caused due to a boundary error in the DEC2EXE\nparsing engine used by the antivirus scanning functionality when\nprocessing UPX compressed files. This can be exploited to cause a\nheap-based buffer overflow via a specially crafted UPX file. \n\nThe vulnerability affects the following products:\n* Norton AntiVirus for Microsoft Exchange 2.1 (prior to build\n2.18.85)\n* Symantec Mail Security for Microsoft Exchange 4.0 (prior to build\n4.0.10.465)\n* Symantec Mail Security for Microsoft Exchange 4.5 (prior to build\n4.5.3)\n* Symantec AntiVirus/Filtering for Domino NT 3.1 (prior to build\n3.1.1)\n* Symantec Mail Security for Domino 4.0 (prior to build 4.0.1)\n* Symantec AntiVirus/Filtering for Domino Ports 3.0 for AIX (prior to\nbuild 3.0.6)\n* Symantec AntiVirus/Filtering for Domino Ports 3.0 for OS400, Linux,\nSolaris (prior to build 3.0.7)\n* Symantec AntiVirus Scan Engine 4.3 (prior to build 4.3.3)\n* Symantec AntiVirus for Network Attached Storage (prior to build\n4.3.3)\n* Symantec AntiVirus for Caching (prior to build 4.3.3)\n* Symantec AntiVirus for SMTP 3.1 (prior to build 3.1.7)\n* Symantec Mail Security for SMTP 4.0 (prior to build 4.0.2)\n* Symantec Web Security 3.0 (prior to build 3.0.1.70)\n* Symantec BrightMail AntiSpam 4.0\n* Symantec BrightMail AntiSpam 5.5\n* Symantec AntiVirus Corporate Edition 9.0 (prior to build\n9.01.1000)\n* Symantec AntiVirus Corporate Edition 8.01, 8.1.1 \n* Symantec Client Security 2.0 (prior to build 9.01.1000)\n* Symantec Client Security 1.0\n* Symantec Gateway Security 2.0, 2.0.1 - 5400 Series\n* Symantec Gateway Security 1.0 - 5300 Series\n* Symantec Norton Antivirus 2004 for Windows\n* Symantec Norton Internet Security 2004 (pro) for Windows\n* Symantec Norton System Works 2004 for Windows\n* Symantec Norton Antivirus 2004 for Macintosh\n* Symantec Norton Internet Security 2004 for Macintosh\n* Symantec Norton System Works 2004 for Macintosh\n* Symantec Norton Antivirus 9.0 for Macintosh\n* Symantec Norton Internet Security for Macintosh 3.0\n* Symantec Norton System Works for Macintosh 3.0\n\nSOLUTION:\nUpdates are available (see the vendor advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nAlex Wheeler, ISS X-Force. \n\nORIGINAL ADVISORY:\nSymantec:\nhttp://www.sarc.com/avcenter/security/Content/2005.02.08.html\n\nISS X-Force:\nhttp://xforce.iss.net/xforce/alerts/id/187\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "BID",
"id": "12492"
},
{
"db": "VULHUB",
"id": "VHN-11458"
},
{
"db": "PACKETSTORM",
"id": "36129"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-11458",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-11458"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECTRACK",
"id": "1013133",
"trust": 2.5
},
{
"db": "CERT/CC",
"id": "VU#107822",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2005-0249",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "14179",
"trust": 0.9
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011",
"trust": 0.6
},
{
"db": "BID",
"id": "12492",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-11458",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "36129",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "VULHUB",
"id": "VHN-11458"
},
{
"db": "BID",
"id": "12492"
},
{
"db": "PACKETSTORM",
"id": "36129"
},
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"id": "VAR-200502-0085",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-11458"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:30:58.416000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Symantec AntiVirus UPX Fixes for file parsing library heap overflow vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=98499"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-0249"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://xforce.iss.net/xforce/alerts/id/187"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/107822"
},
{
"trust": 1.7,
"url": "http://www.symantec.com/avcenter/security/content/2005.02.08.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1013133"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18869"
},
{
"trust": 0.9,
"url": "http://www.sarc.com/avcenter/security/content/2005.02.08.html"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/14179/"
},
{
"trust": 0.8,
"url": "http://www.sarc.com/avcenter/venc/data/bloodhound.exploit.26.html"
},
{
"trust": 0.8,
"url": "http://service1.symantec.com/support/ent-security.nsf/docid/2005020911112648"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/feb/1013133.html"
},
{
"trust": 0.3,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.02.08.html"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/390214"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2796/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2800/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3478/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3104/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2231/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2442/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1017/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4625/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2441/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2820/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2029/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4628/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/659/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2813/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/876/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3558/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3040/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4627/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4626/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2344/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "VULHUB",
"id": "VHN-11458"
},
{
"db": "BID",
"id": "12492"
},
{
"db": "PACKETSTORM",
"id": "36129"
},
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#107822"
},
{
"db": "VULHUB",
"id": "VHN-11458"
},
{
"db": "BID",
"id": "12492"
},
{
"db": "PACKETSTORM",
"id": "36129"
},
{
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-02-10T00:00:00",
"db": "CERT/CC",
"id": "VU#107822"
},
{
"date": "2005-02-08T00:00:00",
"db": "VULHUB",
"id": "VHN-11458"
},
{
"date": "2005-02-08T00:00:00",
"db": "BID",
"id": "12492"
},
{
"date": "2005-02-23T04:47:45",
"db": "PACKETSTORM",
"id": "36129"
},
{
"date": "2005-02-08T05:00:00",
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"date": "2005-02-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-02-22T00:00:00",
"db": "CERT/CC",
"id": "VU#107822"
},
{
"date": "2019-09-20T00:00:00",
"db": "VULHUB",
"id": "VHN-11458"
},
{
"date": "2009-07-12T10:06:00",
"db": "BID",
"id": "12492"
},
{
"date": "2019-09-20T13:24:20.587000",
"db": "NVD",
"id": "CVE-2005-0249"
},
{
"date": "2019-09-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec products vulnerable to buffer overflow via a specially crafted UPX file",
"sources": [
{
"db": "CERT/CC",
"id": "VU#107822"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-011"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.