EUVD-2018-4224

Malware in sbrugna...

Fortinet FortiSandbox和Fortinet FortiIsolator 代码问题漏洞

Fortinet FortiSandbox and Fortinet FortiIsolator are both products of Fortinet, Inc.Fortinet FortiSandbox is an APT Advanced Persistent Threat protection appliance. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting, etc...

Fortinet FortiIsolator Operating System Command Injection Vulnerability

Fortinet FortiIsolator is a Fortinet application that provides remote security isolation for browsers. The application adds additional advanced threat protection capabilities to the Fortinet Security Fabric and protects business-critical data from sophisticated threats on the Web. Content and fil...

CVE-2018-12246

Symantec Web Isolation WI 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious...

CVE-2018-12246

Symantec Web Isolation WI 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious...

Cross site scripting

Symantec Web Isolation WI 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious...

CVE-2018-12246

CVE-2018-12246 affects Symantec Web Isolation (WI) version 1.11 (prior to 1.11.21). The vulnerability is a reflected cross-site scripting (XSS) that allows an attacker to trick end users protected by WI into visiting a crafted URL, causing malicious JavaScript to run in the user’s browser within ...

CVE-2018-12246

Symantec Web Isolation WI 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious...

Web Isolation vulnerable to cross-site scripting

Overview Web Isolation provided by Symantec Corporation contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update the software to the latest version according to the information provide...

Symantec Web Isolation Cross-Site Scripting Attack Vulnerability

Symantec Web Isolation is a Web security protection software from Symantec USA. The software is mainly used to prevent malware and phishing attacks, etc. A cross-site scripting vulnerability exists in Symantec Web Isolation version 1.11. A remote attacker can exploit this vulnerability to execute...

JVN#58005743: Web Isolation vulnerable to cross-site scripting

Web Isolation provided by Symantec Corporation contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update the software to the latest version according to the information provided by the...

Reflected XSS Vulnerability in Web Isolation

SUMMARY Symantec Web Isolation WI is susceptible to a reflected cross-site scripting XSS vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript cod...

SA165: NTP Vulnerabilities February 2018

SUMMARY Symantec Network Protection products using affected versions of the NTP reference implementation from ntp.org are susceptible to multiple vulnerabilities. A remote attacker can exploit these vulnerabilities to execute arbitrary code, modify the target's system time, prevent the target fro...

SA163: OpenSSH Vulnerability October 2017

SUMMARY Symantec Network Protection products using affected versions of OpenSSH are susceptible to a security vulnerability. A remote attacker with read-only access to an SFTP server can create a large number of zero-length files and deplete the target's hard disk space. AFFECTED PRODUCTS The...

SA161: Local Information Disclosure Due to Meltdown and Spectre Attacks

SUMMARY Symantec Network Protection products, which run on an affected CPU chipset and execute arbitrary code from external sources, are susceptible to several information disclosure vulnerabilities aka Meltdown and Spectre attacks. A remote attacker, with the ability to execute arbitrary code...

SA136 : OpenSSH Vulnerabilities

SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to several vulnerabilities. A remote attacker, with access to the management interface, can exploit these vulnerabilities to enumerate existing user accounts and cause denial of service through excessive CPU consumption...