Lucene search
K

9 matches found

seebug.org
seebug.org
added 2014/11/13 12:0 a.m.58 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080...

7.5CVSS6.5AI score0.28759EPSS
Exploits23
securityvulns
securityvulns
added 2014/11/10 12:0 a.m.61 views

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection

SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact:...

7.5CVSS0.6AI score0.28759EPSS
Exploits23
Tenable Nessus
Tenable Nessus
added 2014/11/10 12:0 a.m.36 views

Symantec Endpoint Protection Manager < 12.1 RU5 Multiple Vulnerabilities (SYM14-015)

The version of Symantec Endpoint Protection Manager SEPM installed on the remote host is 12.1 prior to 12.1 RU5. It is, therefore, affected by the following vulnerabilities : - An XML external entity XXE injection vulnerability due to improper validation of XML external entities. A remote attacke...

7.5CVSS5.8AI score0.08541EPSS
Exploits9References4
CVE
CVE
added 2014/11/07 11:0 a.m.76 views

CVE-2014-3437

Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU5 is affected by multiple vulnerabilities (CVE-2014-3437 XXE, CVE-2014-3438 XSS, CVE-2014-3439 arbitrary file write). The XXE flaw allows reading files or sending requests to intranet servers via crafted XML; XSS can exfiltrate sessions;...

7.5CVSS6.6AI score0.08541EPSS
Exploits6References6Affected Software1
Packet Storm
Packet Storm
added 2014/11/06 12:0 a.m.66 views

Symantec Endpoint Protection 12.1.4023.4080 XXE / XSS / Arbitrary File Write

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE...

7.5CVSS0.5AI score0.28759EPSS
Exploits23
Exploit DB
Exploit DB
added 2014/11/06 12:0 a.m.66 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE...

7.5CVSS7AI score0.08541EPSS
Exploits9
0day.today
0day.today
added 2014/11/06 12:0 a.m.90 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

Exploit for jsp platform in category web applications title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE number: CVE-2014-3437, CVE-2014-3438, CVE-2014-3439 homepage:...

6.1CVSS0.5AI score0.28759EPSS
Exploits23
exploitpack
exploitpack
added 2014/11/06 12:0 a.m.60 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable...

7.5CVSS0.6AI score0.28759EPSS
Exploits23
Symantec
Symantec
added 2014/11/05 8:0 a.m.31 views

Symantec Endpoint Protection Manager Multiple Issues

SUMMARY The management console for Symantec Endpoint Protection Manager SEPM is susceptible to multiple vulnerabilities including XML External Entity Injection, reflected cross-site scripting and the potential for arbitrary file write/overwrite. AFFECTED PRODUCTS Product | Version | Build |...

7.5CVSS0.2AI score0.08541EPSS
Exploits9Affected Software1
Rows per page
Query Builder