var-201606-0017
Vulnerability from variot

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2SS.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. Successful exploits may allow the attacker to execute arbitrary code on a vulnerable system. Failed exploit attempts likely result in denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security

Show details on source website


{
   "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
      affected_products: {
         "@id": "https://www.variotdbs.pl/ref/affected_products",
      },
      configurations: {
         "@id": "https://www.variotdbs.pl/ref/configurations",
      },
      credits: {
         "@id": "https://www.variotdbs.pl/ref/credits",
      },
      cvss: {
         "@id": "https://www.variotdbs.pl/ref/cvss/",
      },
      description: {
         "@id": "https://www.variotdbs.pl/ref/description/",
      },
      exploit_availability: {
         "@id": "https://www.variotdbs.pl/ref/exploit_availability/",
      },
      external_ids: {
         "@id": "https://www.variotdbs.pl/ref/external_ids/",
      },
      iot: {
         "@id": "https://www.variotdbs.pl/ref/iot/",
      },
      iot_taxonomy: {
         "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/",
      },
      patch: {
         "@id": "https://www.variotdbs.pl/ref/patch/",
      },
      problemtype_data: {
         "@id": "https://www.variotdbs.pl/ref/problemtype_data/",
      },
      references: {
         "@id": "https://www.variotdbs.pl/ref/references/",
      },
      sources: {
         "@id": "https://www.variotdbs.pl/ref/sources/",
      },
      sources_release_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_release_date/",
      },
      sources_update_date: {
         "@id": "https://www.variotdbs.pl/ref/sources_update_date/",
      },
      threat_type: {
         "@id": "https://www.variotdbs.pl/ref/threat_type/",
      },
      title: {
         "@id": "https://www.variotdbs.pl/ref/title/",
      },
      type: {
         "@id": "https://www.variotdbs.pl/ref/type/",
      },
   },
   "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0017",
   affected_products: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 1.6,
            vendor: "symantec",
            version: "6.5.8",
         },
         {
            model: "message gateway for service providers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "10.6",
         },
         {
            model: "protection engine",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "7.8.0",
         },
         {
            model: "norton security",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "13.0.1",
         },
         {
            model: "protection for sharepoint servers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.06",
         },
         {
            model: "mail security for domino",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "8.0.9",
         },
         {
            model: "norton power eraser",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "5.0",
         },
         {
            model: "mail security for domino",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "8.1",
         },
         {
            model: "norton internet security",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "*",
         },
         {
            model: "data center security server",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.6",
         },
         {
            model: "protection for sharepoint servers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.04",
         },
         {
            model: "protection engine",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "7.0.5",
         },
         {
            model: "mail security for domino",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "8.0",
         },
         {
            model: "mail security for domino",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "8.1.3",
         },
         {
            model: "protection engine",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "7.0.0",
         },
         {
            model: "norton antivirus",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "*",
         },
         {
            model: "protection for sharepoint servers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.05",
         },
         {
            model: "message gateway for service providers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "10.5",
         },
         {
            model: "data center security server",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.0",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "7.5",
         },
         {
            model: "message gateway",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "10.6.1-3",
         },
         {
            model: "data center security server",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.5",
         },
         {
            model: "ngc",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "22.6",
         },
         {
            model: "advanced threat protection",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "2.0.3",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "12.1.6",
         },
         {
            model: "norton security with backup",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "*",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "7.0",
         },
         {
            model: "norton bootable removal tool",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "2016.0",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "7.5.4",
         },
         {
            model: "protection for sharepoint servers",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "6.03",
         },
         {
            model: "protection engine",
            scope: "gte",
            trust: 1,
            vendor: "symantec",
            version: "7.5.0",
         },
         {
            model: "csapi",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "10.0.4",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "7.0.4",
         },
         {
            model: "protection engine",
            scope: "lte",
            trust: 1,
            vendor: "symantec",
            version: "7.5.4",
         },
         {
            model: "norton security",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "*",
         },
         {
            model: "norton 360",
            scope: "eq",
            trust: 1,
            vendor: "symantec",
            version: "*",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.9,
            vendor: "symantec",
            version: "8.0.9",
         },
         {
            model: "norton security with backup",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "protection engine",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(spe) 7.8.0",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.6",
         },
         {
            model: "message gateway for service providers",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(smg-sp) 10.5",
         },
         {
            model: "norton 360",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "protection engine",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(spe) 7.5.4 and earlier",
         },
         {
            model: "web gateway",
            scope: null,
            trust: 0.8,
            vendor: "symantec",
            version: null,
         },
         {
            model: "norton security with backup",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "web security",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: ".cloud",
         },
         {
            model: "mail security for domino",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(smsdom) 8.0.9 and earlier",
         },
         {
            model: "advanced threat protection",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(atp) 2.0.3 and earlier",
         },
         {
            model: "norton bootable removal tool",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "csapi",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "10.0.4 and earlier",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.0",
         },
         {
            model: "endpoint protection",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "for mac (sep for mac) 12.1.6 mp4 and earlier",
         },
         {
            model: "message gateway for service providers",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(smg-sp) 10.6",
         },
         {
            model: "protection for sharepoint servers",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(spss) 6.03 to  6.05",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(smsmse) 6.5.8",
         },
         {
            model: "norton antivirus",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.5mp1",
         },
         {
            model: "norton security",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "endpoint protection",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "for linux (sep for linux) 12.1.6 mp4 and earlier",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(smsmse) 7.0.4 and earlier",
         },
         {
            model: "norton security",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "for mac 13.0.2",
         },
         {
            model: "norton internet security",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "protection for sharepoint servers",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(spss) 6.0.6 and earlier",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(smsmse) 7.5.4 and earlier",
         },
         {
            model: "norton security",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "norton power eraser",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(npe) 5.1",
         },
         {
            model: "norton bootable removal tool",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(nbrt) 2016.1",
         },
         {
            model: "endpoint protection",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(sep) 12.1.6 mp4 and earlier",
         },
         {
            model: "norton product family",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.0mp1",
         },
         {
            model: "data center security:server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "(sdcs:s) 6.6mp1",
         },
         {
            model: "norton 360",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: "ngc 22.7",
         },
         {
            model: "message gateway",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(smg) 10.6.1-3 and earlier",
         },
         {
            model: "norton antivirus",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "norton product family",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "norton power eraser",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "mail security for domino",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(smsdom) 8.1.3 and earlier",
         },
         {
            model: "norton internet security",
            scope: "lt",
            trust: 0.8,
            vendor: "symantec",
            version: "everything",
         },
         {
            model: "protection engine",
            scope: "lte",
            trust: 0.8,
            vendor: "symantec",
            version: "(spe) 7.0.5 and earlier",
         },
         {
            model: "email security server",
            scope: "eq",
            trust: 0.8,
            vendor: "symantec",
            version: ".cloud (ess)",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "11.0.4000.2295",
         },
         {
            model: "endpoint protection ru6",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "advanced threat protection",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "2.0.3",
         },
         {
            model: "protection engine",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "7.0.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "7.0.4",
         },
         {
            model: "protection engine",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "7.5.4",
         },
         {
            model: "norton bootable removal tool",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "2016.0",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "7.5.4",
         },
         {
            model: "norton power eraser",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "5.0",
         },
         {
            model: "csapi",
            scope: "eq",
            trust: 0.6,
            vendor: "symantec",
            version: "10.0.4",
         },
         {
            model: "web gateway",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.3",
         },
         {
            model: "web gateway",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.1",
         },
         {
            model: "web gateway",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0",
         },
         {
            model: "web gateway",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.5.6",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.5.1",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.11",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.10",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.9",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.8",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.7",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.6",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.13",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.12",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.11",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.10.382",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.10",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.0",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.5.5",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.13",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.12",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "6.0.0.1",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.7.373",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.6.368",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.4.363",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.0.024",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.6.8.120",
         },
         {
            model: "mail security for microsoft exchange",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.6.5.12",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0.6",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0.3",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0.2",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0.1",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.10",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.9",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.8",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.7",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.6",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.325",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.1",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.0.47",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.1.4",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.1",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.0.1",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.0",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0.8",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "8.0",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.5.32",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.4.29",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.3.25",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.12",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.11",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5.0.19",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "7.5",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.1.4.32",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "5.1.2.28",
         },
         {
            model: "mail security for domino",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "4.1.9.37",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.4010.26",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.4010.19",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.4000",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.3001.2224",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2020.56",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2010.25",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2001.10",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2000.1567",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.781.1287",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.780.1109",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.1",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "12.1",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "12.0",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.6200.754",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.4202.75",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.3001",
         },
         {
            model: "endpoint protection mp2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2",
         },
         {
            model: "endpoint protection mp1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.2",
         },
         {
            model: "endpoint protection mp2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.1",
         },
         {
            model: "endpoint protection mp1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0.1",
         },
         {
            model: "endpoint protection ru7 mp2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru7 mp1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6mp2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6mp1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6a",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6-mp3(11.0.63",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6-mp2(11.0.62",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6-mp1(11.0.61",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6 mp4",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6 mp3",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6 mp2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru6 mp1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru5",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru4",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection mr3",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection mr2",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection mr1",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11.0",
         },
         {
            model: "endpoint protection ru7",
            scope: "eq",
            trust: 0.3,
            vendor: "symantec",
            version: "11",
         },
      ],
      sources: [
         {
            db: "BID",
            id: "91436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   configurations: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/configurations#",
         children: {
            "@container": "@list",
         },
         cpe_match: {
            "@container": "@list",
         },
         data: {
            "@container": "@list",
         },
         nodes: {
            "@container": "@list",
         },
      },
      data: [
         {
            CVE_data_version: "4.0",
            nodes: [
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:6.5.8:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "7.0.4",
                        versionStartIncluding: "7.0",
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:mail_security_for_microsoft_exchange:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "7.5.4",
                        versionStartIncluding: "7.5",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:norton_power_eraser:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "5.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_engine:7.8.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "7.5.4",
                        versionStartIncluding: "7.5.0",
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_engine:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "7.0.5",
                        versionStartIncluding: "7.0.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:message_gateway:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "10.6.1-3",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:ngc:*:*:*:*:*:*:*:*",
                              cpe_name: [],
                              versionEndIncluding: "22.6",
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.5:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:message_gateway_for_service_providers:10.6:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:norton_bootable_removal_tool:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "2016.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "8.1.3",
                        versionStartIncluding: "8.1",
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:mail_security_for_domino:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "8.0.9",
                        versionStartIncluding: "8.0",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.0:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.0:mp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.5:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.6:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.5:mp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:data_center_security_server:6.6:mp1:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:macos:*:*",
                        cpe_name: [],
                        versionEndIncluding: "13.0.1",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:advanced_threat_protection:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "2.0.3",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.03:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.05:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.04:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:protection_for_sharepoint_servers:6.06:*:*:*:*:*:*:*",
                        cpe_name: [],
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [],
                  cpe_match: [
                     {
                        cpe23Uri: "cpe:2.3:a:symantec:csapi:*:*:*:*:*:*:*:*",
                        cpe_name: [],
                        versionEndIncluding: "10.0.4",
                        vulnerable: true,
                     },
                  ],
                  operator: "OR",
               },
               {
                  children: [
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp4:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1a:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp3:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp1:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                           {
                              cpe23Uri: "cpe:2.3:a:symantec:endpoint_protection:12.1.6:mp2:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: true,
                           },
                        ],
                        operator: "OR",
                     },
                     {
                        children: [],
                        cpe_match: [
                           {
                              cpe23Uri: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                           {
                              cpe23Uri: "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
                              cpe_name: [],
                              vulnerable: false,
                           },
                        ],
                        operator: "OR",
                     },
                  ],
                  cpe_match: [],
                  operator: "AND",
               },
            ],
         },
      ],
      sources: [
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
      ],
   },
   credits: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/credits#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Tavis Ormandy with Google's Project Zero",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
      trust: 0.6,
   },
   cve: "CVE-2016-2209",
   cvss: {
      "@context": {
         cvssV2: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2",
         },
         cvssV3: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/",
         },
         severity: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/cvss/severity#",
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
            "@id": "https://www.variotdbs.pl/ref/sources",
         },
      },
      data: [
         {
            cvssV2: [
               {
                  acInsufInfo: false,
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "NVD",
                  availabilityImpact: "COMPLETE",
                  baseScore: 9,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  impactScore: 8.5,
                  integrityImpact: "PARTIAL",
                  obtainAllPrivilege: false,
                  obtainOtherPrivilege: false,
                  obtainUserPrivilege: false,
                  severity: "HIGH",
                  trust: 1,
                  userInteractionRequired: false,
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                  version: "2.0",
               },
               {
                  acInsufInfo: null,
                  accessComplexity: "Low",
                  accessVector: "Network",
                  authentication: "None",
                  author: "NVD",
                  availabilityImpact: "Complete",
                  baseScore: 9,
                  confidentialityImpact: "Partial",
                  exploitabilityScore: null,
                  id: "CVE-2016-2209",
                  impactScore: null,
                  integrityImpact: "Partial",
                  obtainAllPrivilege: null,
                  obtainOtherPrivilege: null,
                  obtainUserPrivilege: null,
                  severity: "High",
                  trust: 0.9,
                  userInteractionRequired: null,
                  vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:C",
                  version: "2.0",
               },
               {
                  accessComplexity: "LOW",
                  accessVector: "NETWORK",
                  authentication: "NONE",
                  author: "VULHUB",
                  availabilityImpact: "COMPLETE",
                  baseScore: 9,
                  confidentialityImpact: "PARTIAL",
                  exploitabilityScore: 10,
                  id: "VHN-91028",
                  impactScore: 8.5,
                  integrityImpact: "PARTIAL",
                  severity: "HIGH",
                  trust: 0.1,
                  vectorString: "AV:N/AC:L/AU:N/C:P/I:P/A:C",
                  version: "2.0",
               },
            ],
            cvssV3: [
               {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  author: "NVD",
                  availabilityImpact: "HIGH",
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "LOW",
                  exploitabilityScore: 2.5,
                  impactScore: 4.7,
                  integrityImpact: "LOW",
                  privilegesRequired: "NONE",
                  scope: "UNCHANGED",
                  trust: 1,
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
               {
                  attackComplexity: "Low",
                  attackVector: "Local",
                  author: "NVD",
                  availabilityImpact: "High",
                  baseScore: 7.3,
                  baseSeverity: "High",
                  confidentialityImpact: "Low",
                  exploitabilityScore: null,
                  id: "CVE-2016-2209",
                  impactScore: null,
                  integrityImpact: "Low",
                  privilegesRequired: "None",
                  scope: "Unchanged",
                  trust: 0.8,
                  userInteraction: "None",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
            ],
            severity: [
               {
                  author: "NVD",
                  id: "CVE-2016-2209",
                  trust: 1.8,
                  value: "HIGH",
               },
               {
                  author: "CNNVD",
                  id: "CNNVD-201606-627",
                  trust: 0.6,
                  value: "HIGH",
               },
               {
                  author: "VULHUB",
                  id: "VHN-91028",
                  trust: 0.1,
                  value: "HIGH",
               },
               {
                  author: "VULMON",
                  id: "CVE-2016-2209",
                  trust: 0.1,
                  value: "HIGH",
               },
            ],
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   description: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/description#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file. plural Symantec Product decompression engine Dec2SS.dll Contains a buffer overflow vulnerability.A third party may be able to execute arbitrary code via a crafted file. Multiple Symantec products are prone to a buffer-overflow vulnerability. \nSuccessful exploits may allow the attacker to execute arbitrary code on a  vulnerable system.  Failed exploit attempts likely result in  denial-of-service conditions. ATP is a set of software for mining and removing advanced threats in terminals, networks and email gateways; SES: CSP is a lightweight intrusion detection and prevention system client product; SDCS: SA is a software-defined data center Physical and virtual servers provide security protection. The following products and versions are affected: Symantec ATP, SDCS: SA 6.6 MP1 and 6.5 MP1, Critical System Protection (SCSP) 5.2.9 MP6, SES: CSP 1.0 MP5 and 6.5.0 MP1, Symantec Web Security ",
      sources: [
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "BID",
            id: "91436",
         },
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
      ],
      trust: 2.07,
   },
   exploit_availability: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            reference: "https://www.scap.org.cn/vuln/vhn-91028",
            trust: 0.1,
            type: "unknown",
         },
         {
            reference: "https://vulmon.com/exploitdetails?qidtp=exploitdb&qid=40037",
            trust: 0.1,
            type: "exploit",
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
      ],
   },
   external_ids: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            db: "NVD",
            id: "CVE-2016-2209",
            trust: 2.9,
         },
         {
            db: "BID",
            id: "91436",
            trust: 2.1,
         },
         {
            db: "SECTRACK",
            id: "1036199",
            trust: 1.8,
         },
         {
            db: "SECTRACK",
            id: "1036198",
            trust: 1.8,
         },
         {
            db: "EXPLOIT-DB",
            id: "40037",
            trust: 1.8,
         },
         {
            db: "USCERT",
            id: "TA16-187A",
            trust: 0.8,
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
            trust: 0.8,
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
            trust: 0.7,
         },
         {
            db: "PACKETSTORM",
            id: "137712",
            trust: 0.1,
         },
         {
            db: "VULHUB",
            id: "VHN-91028",
            trust: 0.1,
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
            trust: 0.1,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            db: "BID",
            id: "91436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   id: "VAR-201606-0017",
   iot: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/iot#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: true,
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
      ],
      trust: 0.01,
   },
   last_update_date: "2023-12-18T13:03:18.480000Z",
   patch: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/patch#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            title: "SYM16-010",
            trust: 0.8,
            url: "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00",
         },
         {
            title: "Multiple Symantec  and Norton Product Buffer Overflow Vulnerability Fix",
            trust: 0.6,
            url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=62536",
         },
         {
            title: "Symantec Security Advisories: Symantec Decomposer Engine Multiple Parsing Vulnerabilities",
            trust: 0.1,
            url: "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=2d4155876d3176fc7fb3548ce33b0a8f",
         },
      ],
      sources: [
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   problemtype_data: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            problemtype: "CWE-119",
            trust: 1.9,
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
      ],
   },
   references: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/references#",
         data: {
            "@container": "@list",
         },
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: [
         {
            trust: 1.9,
            url: "http://www.securityfocus.com/bid/91436",
         },
         {
            trust: 1.9,
            url: "https://www.exploit-db.com/exploits/40037/",
         },
         {
            trust: 1.8,
            url: "http://www.securitytracker.com/id/1036198",
         },
         {
            trust: 1.8,
            url: "http://www.securitytracker.com/id/1036199",
         },
         {
            trust: 1.7,
            url: "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00",
         },
         {
            trust: 0.8,
            url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2209",
         },
         {
            trust: 0.8,
            url: "https://www.ipa.go.jp/security/ciadr/vul/20160705-symantec.html",
         },
         {
            trust: 0.8,
            url: "http://jvn.jp/ta/jvnta99096686/index.html",
         },
         {
            trust: 0.8,
            url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2209",
         },
         {
            trust: 0.8,
            url: "https://www.us-cert.gov/ncas/alerts/ta16-187a",
         },
         {
            trust: 0.3,
            url: "http://www.symantec.com",
         },
         {
            trust: 0.1,
            url: "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00",
         },
         {
            trust: 0.1,
            url: "https://cwe.mitre.org/data/definitions/119.html",
         },
         {
            trust: 0.1,
            url: "https://nvd.nist.gov",
         },
         {
            trust: 0.1,
            url: "https://support.symantec.com/en_us/article.symsa1371.html",
         },
      ],
      sources: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            db: "BID",
            id: "91436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   sources: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            db: "BID",
            id: "91436",
         },
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   sources_release_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2016-06-30T00:00:00",
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            date: "2016-06-30T00:00:00",
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            date: "2016-06-28T00:00:00",
            db: "BID",
            id: "91436",
         },
         {
            date: "2016-07-07T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            date: "2016-06-30T23:59:02.497000",
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            date: "2016-06-29T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   sources_update_date: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
         data: {
            "@container": "@list",
         },
      },
      data: [
         {
            date: "2020-05-11T00:00:00",
            db: "VULHUB",
            id: "VHN-91028",
         },
         {
            date: "2021-09-08T00:00:00",
            db: "VULMON",
            id: "CVE-2016-2209",
         },
         {
            date: "2016-07-05T22:43:00",
            db: "BID",
            id: "91436",
         },
         {
            date: "2016-07-07T00:00:00",
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
         {
            date: "2021-09-08T17:19:32.927000",
            db: "NVD",
            id: "CVE-2016-2209",
         },
         {
            date: "2019-08-15T00:00:00",
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
   },
   threat_type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "local",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
      trust: 0.6,
   },
   title: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/title#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "plural  Symantec Product decompression engine  Dec2SS.dll Vulnerable to buffer overflow",
      sources: [
         {
            db: "JVNDB",
            id: "JVNDB-2016-003442",
         },
      ],
      trust: 0.8,
   },
   type: {
      "@context": {
         "@vocab": "https://www.variotdbs.pl/ref/type#",
         sources: {
            "@container": "@list",
            "@context": {
               "@vocab": "https://www.variotdbs.pl/ref/sources#",
            },
         },
      },
      data: "buffer error",
      sources: [
         {
            db: "CNNVD",
            id: "CNNVD-201606-627",
         },
      ],
      trust: 0.6,
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.