13 matches found
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able t...
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able t...
CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able t...
Symantec Endpoint Protection Clients Local Elevation of Privilege, CSV Formula Injection
SUMMARY Symantec has released updates to address security issues reported in both Symantec Endpoint Protection 12.1 and Symantec Endpoint Protection 14.0 Windows clients. AFFECTED PRODUCTS Symantec Endpoint Protection SEP --- CVE | Affected Versions | Remediation CVE-2016-9093 CVE-2016-9094 | Pri...
Symantec Multiple Products SymEvent Driver Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20051/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver. A local authenticated attacker may exploit this...
Design/Logic Flaw
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service system crash via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of...
Symantec Norton Personal Firewall / Norton Internet Security buffer overflow
DeviceSymEvent driver interface buffer overflow...
SymEvent Driver Local Access System Denial of Service
Hello, Today, we have accidentally discovered that the vulnerability, which is described here http://www.symantec.com/avcenter/security/Content/2006.09.20a.html and its third party identifications are BID: 20051 Secunia Advisory: SA21938 CVE: CVE-2006-4855 is active again in the today's update of...
Symantec Norton个人防火墙SymEvent驱动本地拒绝服务漏洞
Symantec Norton个人防火墙是非常流行的防火墙软件。 Symantec Norton个人防火墙的实现上存在漏洞,本地攻击者可能利用此漏洞对系统执行拒绝服务攻击。 Norton没有充分地保护 \Device\SymEvent 驱动,也没有验证其输入缓冲区,允许Everyone向这个驱动中写入数据,可能导致驱动执行无效的内存操作以及整个操作系统崩溃。 Symantec Norton Personal Firewall 2006 9.1.0.33 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
CVE-2006-4855
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1,...
Symantec Norton Insufficient validation of 'SymEvent' driver input buffer
Hello, I would like to inform you about a vulnerability in Norton Personal Firewall. Description: Norton insufficiently protects its driver 'DeviceSymEvent' against a manipulation by malicious applications and it fails to validate its input buffer. It is possible to open this driver and send...
Symantec (Multiple Products) - 'SymEvent' Driver Local Denial of Service
source: https://www.securityfocus.com/bid/20051/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver. A local authenticated attacker may exploit this issue to crash affected computers,...
Symantec (Multiple Products) - SymEvent Driver Local Denial of Service
Symantec Multiple Products - SymEvent Driver Local Denial of Service source: https://www.securityfocus.com/bid/20051/info Multiple Symantec products are prone to a local denial-of-service vulnerability. This issue occurs when attackers send malformed data to the 'SymEvent' driver. A local...