Lucene search
K

9 matches found

seebug.org
seebug.org
added 2014/11/13 12:0 a.m.59 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

No description provided by source. SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080...

7.5CVSS6.5AI score0.28759EPSS
Exploits23
Tenable Nessus
Tenable Nessus
added 2014/11/10 12:0 a.m.36 views

Symantec Endpoint Protection Manager < 12.1 RU5 Multiple Vulnerabilities (SYM14-015)

The version of Symantec Endpoint Protection Manager SEPM installed on the remote host is 12.1 prior to 12.1 RU5. It is, therefore, affected by the following vulnerabilities : - An XML external entity XXE injection vulnerability due to improper validation of XML external entities. A remote attacke...

7.5CVSS5.8AI score0.08541EPSS
Exploits9References4
securityvulns
securityvulns
added 2014/11/10 12:0 a.m.61 views

SEC Consult SA-20141106-0 :: XXE &amp; XSS &amp; Arbitrary File Write vulnerabilities in Symantec Endpoint Protection

SEC Consult Vulnerability Lab Security Advisory 20141106-0 ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact:...

7.5CVSS0.6AI score0.28759EPSS
Exploits23
CVE
CVE
added 2014/11/07 11:0 a.m.63 views

CVE-2014-3439

Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU5 is affected by CVE-2014-3439: an Unauthenticated Arbitrary File Write in the ConsoleServlet, caused by improper filtering of user input in the logging component. This can allow remote attackers to write arbitrary files, potentially ena...

6.1CVSS6.7AI score0.05838EPSS
Exploits7References6Affected Software1
Packet Storm
Packet Storm
added 2014/11/06 12:0 a.m.66 views

Symantec Endpoint Protection 12.1.4023.4080 XXE / XSS / Arbitrary File Write

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE...

7.5CVSS0.5AI score0.28759EPSS
Exploits23
Exploit DB
Exploit DB
added 2014/11/06 12:0 a.m.66 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE...

7.5CVSS7AI score0.08541EPSS
Exploits9
0day.today
0day.today
added 2014/11/06 12:0 a.m.90 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

Exploit for jsp platform in category web applications title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable version: 12.1.4023.4080 fixed version: 12.1.5 RU 5 impact: Critical CVE number: CVE-2014-3437, CVE-2014-3438, CVE-2014-3439 homepage:...

6.1CVSS0.5AI score0.28759EPSS
Exploits23
exploitpack
exploitpack
added 2014/11/06 12:0 a.m.64 views

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities

Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XXE & XSS & Arbitrary File Write vulnerabilities product: Symantec Endpoint Protection vulnerable...

7.5CVSS0.6AI score0.28759EPSS
Exploits23
Symantec
Symantec
added 2014/11/05 8:0 a.m.31 views

Symantec Endpoint Protection Manager Multiple Issues

SUMMARY The management console for Symantec Endpoint Protection Manager SEPM is susceptible to multiple vulnerabilities including XML External Entity Injection, reflected cross-site scripting and the potential for arbitrary file write/overwrite. AFFECTED PRODUCTS Product | Version | Build |...

7.5CVSS0.2AI score0.08541EPSS
Exploits9Affected Software1
Rows per page
Query Builder