CVE-2004-0375
6.7 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.022 Low
EPSS
Percentile
89.5%
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
Affected configurations
References
marc.info/?l=bugtraq&m=108275582432246&w=2
securitytracker.com/id?1009379
securitytracker.com/id?1009380
www.eeye.com/html/Research/Upcoming/20040309.html
www.securityfocus.com/bid/9912
www.symantec.com/avcenter/security/Content/2004.04.20.html
exchange.xforce.ibmcloud.com/vulnerabilities/15433
exchange.xforce.ibmcloud.com/vulnerabilities/15936
Related
6.7 Medium
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.022 Low
EPSS
Percentile
89.5%