Kaspersky LabKLA10350KLA10350 Vulnerabilities in Symantec
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.3%
Unspecified vulnerabilities were found in Symantec AntiVirus. By exploiting these vulnerabilities malicious users can execute arbitrary code or cause denial of service. This vulnerability can be exploited remotely via specially designed CAB or RAR archives.
Original advisories
Related products
Symantec-Norton-Internet-Security
Symantec-Mail-Security-for-Exchange
CVE list
CVE-2007-3699 critical
CVE-2007-0447 critical
Solution
Update to latest version
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Affected Products
- Symantec Mail Security version 8200Symantec Mail Security for Microsoft Exchange 4 versions 4.6.7 and earlierSymantec Mail Security for Microsoft Exchange 5 versions 5.0.4 and earlierSymantec Mail Security for Microsoft Exchange version 6.0.0Symantec Mail Security for Domino NT 4 versions 4.1.5 and earlierSymantec Mail Security for Domino NT 5 versions 5.1.2.28 and earlierSymantec AntiVirus/Filtering for Domino NT versions 3.0.12 and earlierSymantec Scan Engine versions 5.0.1 and earlierSymantec AntiVirus Scan Engine 4.1 versions 4.1.8 and earlierSymantec AntiVirus Scan Engine 4.3 versions 4.3.12 and earlier for MS ISA, MS Sharepoint, Messaging, Attached Storage, Clearswift, CachingSymantec Client security 3 versions earlier than 3.1.5.5010Symantec Client security 1, 2 versions earlier than 2.0.6.1100Symantec Web Security versions 3.0.1.76 and eralierSymantec Gateway Security 1600, 5000 version 3.0.1Symantec Gateway Security 5400 version 2.0.1Symantec Gateway AntiSpam 6, 5.5, 4 versions 6.04 and earlierSymantec AntiVirus Corporate Edition 10 versions earlier than 10.1.5.5010Symantec AntiVirus Corporate Edition versions earlier than 9.0.6.1100Symantec AntiVirus for Macintosh 10 any version dated earlier than 10/1/2006Symantec Web Security for Microsoft ISA 2004 5 versions earlier than 5.0.3Symantec Mail Security for SMTP version 5.0.0 patches earlier than 175 for Solaris & LinuxSymantec Mail Security for SMTP version 5.0.0 patches earlier than 176 for WindowsSymantec Mail Security for SMTP version 5.0.1 patches earlier than 181Symantec Mail Security for SMTP versions 4.1.15 and earlierSymantec Norton AntiVirus versions 2006, 2005, 2004Symantec Norton Internet Security versions 2006, 2005.5AntiSpyWare Edition, 2005, 2004 Symantec NortonSystemWorks versions 2006, 2005, 2004 Symantec PersonalFirewall version 2006 Symantec AntiVirus for Macintosh versions 10 and 9Symantec Norton Internet security or SystemWorks for Macintosh version 3
References
www.symantec.com/avcenter/security/Content/2007.07.11f.html
statistics.securelist.com/
threats.kaspersky.com/en/product/Symantec-Mail-Security-for-Exchange/
threats.kaspersky.com/en/product/Symantec-Norton-AntiVirus/
threats.kaspersky.com/en/product/Symantec-Norton-Internet-Security/
threats.kaspersky.com/en/product/Symantec-Norton-Security/
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
96.3%