163 matches found
CVE-2020-5831
Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...
CVE-2020-5831
Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2020-5831, a local, out-of-bounds read vulnerability present in SEPM prior to 14.2 RU2 MP1 (and pre-14.2 RU2 MP1 refresh noted in the advisories). Exploitation could allow a local attacker to read memory outside allocated bounds via t...
CVE-2020-5830
Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2020-5830, an out-of-bounds read vulnerability in SEPM prior to 14.2 RU2 MP1. The issue allows memory reading beyond allocated bounds in SEPM (and is part of multiple SEPM/SEP hardening advisories). The ZDI advisory specifies an infor...
CVE-2020-5829
CVE-2020-5829 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1 . It is an out-of-bounds read vulnerability in SEPM (notably via the secars.dll path) that can allow a local attacker to read memory outside allocated bounds. An attacker would need to execute low-privilege co...
CVE-2020-5828
CVE-2020-5828 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1, with an out-of-bounds vulnerability (read beyond allocated memory). ZDI details indicate it enables a local attacker who has code execution privileges to achieve an information disclosure by reading memory ou...
CVE-2020-5828
Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...
CVE-2020-5827
Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...
CVE-2020-5827
CVE-2020-5827 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1. The issue is an out-of-bounds read vulnerability, with sources describing an attack path in which an unauthenticated or low-privilege scenario could disclose memory contents or be leveraged alongside other fl...
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
CVE-2019-12759
Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...
Privilege escalation
Symantec Endpoint Protection Manager SEPM and Symantec Mail Security for MS Exchange SMSMSE, prior to versions 14.2 RU2 and 7.5.x respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software applicati...
CVE-2019-12759
CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...
CVE-2018-18368
Symantec Endpoint Protection Manager (SEPM) is affected by a local privilege escalation vulnerability (CVE-2018-18368) that exists in SEPM prior to 14.2 RU1. An attacker with local access could gain elevated privileges. Remediation is to upgrade to SEPM/SEP 14.2 RU1 (or RU2 where applicable) and ...
CVE-2018-18368
Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an...
Symantec Endpoint Protection Manager CVE-2018-18368 Local Privilege Escalation Vulnerability
Description Symantec Endpoint Protection Manager is prone to a local privilege-escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. Symantec Endpoint Protection Manager versions prior to 14.2 RU1 are vulnerable. Technologies Affected Symantec Endpoint...
Symantec Endpoint Protection Manager OpenSSL Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Symantec Endpoint Protection Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
Multiple Symantec Products CVE-2019-12759 Local Privilege Escalation Vulnerability
Description Multiple Symantec Products are prone to an local privilege escalation vulnerability. A local attacker can leverage this issue to gain elevated privileges. The following products and versions are affected: Symantec Endpoint Protection Manager SEPM prior to versions 14.2 RU2 Symantec Ma...
CVE-2018-18367
Symantec Endpoint Protection Manager SEPM prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use...