EUVD-2016-9913

Malware in sbrugna...

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1419)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76,...

Symantec Content Analysis 2.3 < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1377)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.1.1. It is, therefore, affected by a vulnerability in the xmlBufAttrSerializeTxtContent function in xmlsave.c in libxml2 allows context-dependent attackers to cause a denial of service out-of-bounds read a...

Symantec Content Analysis < 2.3.1.1 affected by Multiple Vulnerabilities (SYMSA1410)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.1.1. It is, therefore, affected by multiple vulnerabilities: - A vulnerability in Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modmime can read one byte past the end of a buffer when sending a...

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1463)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denia...

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1451)

The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by...

Symantec Content Analysis Local Detection

Version information for Symantec Content Analysis, formerly Blue Coat Content Analysis, was retrieved from the remote host. Binary data symanteccontentanalysislocaldetect.nbin...

Symantec Content Analysis Web Detection

The web interface for Symantec Content Analysis, formerly Blue Coat Content Analysis, was detected on the remote host. This detection covers v2.3 and up. Binary data symanteccontentanalysiswebdetect.nbin...

Symantec Content Analysis and Mail Transfer Defense Cross-Site Request Forgery Vulnerability

Symantec Content Analysis and Mail Transfer Defense are both products of Symantec, Inc. Symantec Content Analysis is a content analysis system. Mail Transfer Defense is an email threat protection system. A cross-site request forgery vulnerability exists in Symantec Content Analysis and Mail...

CVE-2016-9092

The Symantec Content Analysis CA 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense MTD 1.1 management consoles are susceptible to a cross-site request forging CSRF vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the...

CVE-2016-9092

The CVE concerns CSRF in Symantec Content Analysis (CA) management consoles (1.3, 2.x prior to 2.2.1.1) and Mail Threat Defense (MTD) 1.1. The issue allows a remote attacker, via phishing/social engineering, to perform actions as an authenticated administrator. Exploitation details are not presen...