17 matches found
EUVD-2011-3440
Malware in sbrugna...
500M Avira Antivirus Users Introduced to Cryptomining
Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isnt alone in this dubious endeavor: Avira antivirus -- which has built a base of 500 million users worldwide...
Norton’s Antivirus Product Now Includes an Ethereum Miner
Norton 360 can now mine Ethereum. Its opt-in, and the company keeps 15%. Its hard to uninstall this option...
Norton 360 Now Comes With a Cryptominer
Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers computers. Nortons parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme -- in which the company...
Code injection
GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...
CVE-2011-3477
GEAR Software CD DVD Filter driver aka GEARAspiWDM.sys, as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service system crash via unspecified vectors...
CVE-2011-3477
CVE-2011-3477 concerns the GEAR Software CD/DVD Filter driver (GEARAspiWDM.sys) as used in several Symantec products (Backup Exec System Recovery 8.5 and BESR 2010, System Recovery 2011, Norton 360, Norton Ghost). According to the linked records, the vulnerability enables a local attacker to caus...
Symantec Norton 360 Detection (Windows SMB Login)
Detects the installed version of Symantec Norton 360. The script logs in via smb, searches for string SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Symantec Norton 360 Decomposer Engine Multiple Parsing Vulnerabilities
Symantec Norton 360 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:symantec:norton360";...
Memory corruption
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac; Symantec Endpoint Protection SEP for...
Buffer overflow
Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac;...
CVE-2016-2211
MODE C: The connected Nessus/OpenVAS entries describe CVE-2016-2211 as part of a set of vulnerabilities in Symantec products (notably the Decomposer/UNPACK engine and related parsers) affecting multiple versions of Symantec Protection for SharePoint Servers, Protection Engine, Web Gateway, and re...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus SAV before 10.1 MR8, Symantec Endpoint Protection SEP 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject...
CVE-2009-1428
Multiple cross-site scripting XSS vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus SAV before 10.1 MR8, Symantec Endpoint Protection SEP 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject...
CVE-2009-1428
Multiple cross-site scripting XSS vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus SAV before 10.1 MR8, Symantec Endpoint Protection SEP 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject...
GEAR Software CD DVD Filter Driver Insecure Method Local Privilege Escalation
The version of GEAR Software's CD DVD Filter kernel driver GEARAspiWDM.sys on the remote host contains an insecure method that allows a local user to make an unlimited number of calls to 'IoAttachDevice' from user-land, thereby enabling him to exploit a local privilege escalation flaw in the...
Gear Software CD DVD Filter driver privilege escalation vulnerability
Overview The Gear Software CD DVD Filter driver contains a privilege escalation vulnerability, which can allow an attacker to gain SYSTEM privileges. Description Gear Software provides a driver called CD DVD Filter, which is provided by GEARAspiWDM.sys. This driver is used by multiple CD/DVD...