Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2015/02/10 12:0 a.m.•35 views

Microsoft Windows Graphics Component CVE-2015-0061 Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya CallPilot 5.0.1...

4.3CVSS7.4AI score0.18865EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2015/01/27 12:0 a.m.•35 views

Adobe Flash Player CVE-2015-0312 Double Free Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to an unspecified remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected applications. Failed exploit attempts will likely cause a denial-of-service condition...

10CVSS0.6AI score0.07078EPSS
Exploits0Affected Software7
Symantec
Symantec
•added 2014/12/09 12:0 a.m.•35 views

Microsoft Exchange Server Outlook Web Access CVE-2014-6326 Cross Site Scripting Vulnerability

Description Microsoft Exchange Server is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow...

4.3CVSS0.1AI score0.08722EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2014/12/09 12:0 a.m.•35 views

Microsoft Office CVE-2014-6357 Use After Free Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

9.3CVSS0.4AI score0.19378EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2014/11/11 12:0 a.m.•35 views

Microsoft Office Invalid Pointer CVE-2014-6335 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

9.3CVSS0.6AI score0.16038EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2014/08/12 12:0 a.m.•35 views

Microsoft SharePoint Server CVE-2014-2816 Remote Privilege Escalation Vulnerability

Description Microsoft SharePoint Server is prone to a remote privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges in the context of the currently logged-in user. Successful exploits may aid in further attacks. Technologies...

9.3CVSS0.2AI score0.1615EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2014/08/12 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2014-4063 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...

9.3CVSS8.8AI score0.2347EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2014/06/10 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2014-1800 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...

9.3CVSS0.1AI score0.24458EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2014/02/11 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2014-0279 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

9.3CVSS0.1AI score0.22893EPSS
Exploits1Affected Software11
Symantec
Symantec
•added 2013/12/10 12:0 a.m.•35 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-5058 Local Denial of Service Vulnerability

Description Microsoft Windows is prone to a local denial-of-service vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to cause the system to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard...

4.9CVSS0.3AI score0.02764EPSS
Exploits6Affected Software14
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•35 views

Microsoft Word CVE-2013-3851 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.1AI score0.20145EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•35 views

Microsoft FrontPage CVE-2013-3137 Information Disclosure Vulnerability

Description Microsoft FrontPage is prone to an information-disclosure vulnerability. Attackers can exploit this issue to disclose the contents of a local file on the affected computer. This may aid in further attacks. Technologies Affected Microsoft FrontPage 2003 SP3 Recommendations Run all...

4.3CVSS6.4AI score0.32444EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2013/08/01 8:0 a.m.•35 views

Symantec Encryption Desktop Unquoted Search Path

SUMMARY Symantec PGP and Symantec Encryption Desktop client has an unquoted search path in RDDService. This could provide a non-privileged local user the ability to successfully insert arbitrary code in the root path. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symante...

6.8CVSS0.1AI score0.00303EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•35 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3167 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due an information disclosure error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the comple...

7.2CVSS0.5AI score0.01873EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•35 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1345 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS0.5AI score0.01743EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2013/05/14 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2013-1306 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.33407EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2013/05/14 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2013-0811 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.5AI score0.20643EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2013/04/09 12:0 a.m.•35 views

Microsoft Windows Active Directory CVE-2013-1282 Denial of Service Vulnerability

Description Microsoft Windows is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to cause the LDAP service to become non-responsive, resulting in denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5....

5CVSS6.5AI score0.27005EPSS
Exploits0References1Affected Software14
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2013-0091 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.9AI score0.19804EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•35 views

Microsoft Windows 'Win32k.sys' CVE-2013-1272 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01525EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•35 views

Microsoft Windows Kernel CVE-2013-1280 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2CVSS0.5AI score0.01722EPSS
Exploits0Affected Software14
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•35 views

Microsoft Windows 'Win32k.sys' CVE-2013-1276 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01516EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2012-1874 Developer Toolbar Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS0.7AI score0.24103EPSS
Exploits1References1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•35 views

Microsoft Windows CVE-2012-1865 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.0164EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•35 views

Microsoft Excel Memory Corruption CVE-2012-0142 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21596EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•35 views

Microsoft Office Works File Converter (CVE-2012-0177) Heap Based Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted '.wps' file...

9.3CVSS0.2AI score0.30052EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/01/16 8:0 a.m.•35 views

Symantec Endpoint Protection Manager Cross-Site Request Forgery and Cross-Site Scripting

SUMMARY Symantec Endpoint Protection Manager 12.1 web console is susceptible to cross-site scripting and cross-site request forgery that could potentially lead to arbitrary code execution. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Endpoint Protection | 12.1 ...

6.8CVSS0.2AI score0.01328EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•35 views

Microsoft Internet Explorer 'Jscript9.dll' CVE-2011-1998 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS0.21228EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•35 views

Microsoft Office 'MSO.dll' Uninitialized Pointer (CVE-2011-1982) Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.9AI score0.27697EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•35 views

Microsoft Visio CVE-2011-1979 Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.1AI score0.22201EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/07/27 12:0 a.m.•35 views

Drupal Core CVE-2011-2726 Access Bypass Vulnerability

Description Drupal is prone to an access-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Drupal 7.0 through 7.4 are vulnerable. Technologies Affected Drupal Drupal 7.0 Drupal Drupal 7.1 Drupal...

1.9AI score0.01598EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•35 views

Microsoft Excel Memory Corruption CVE-2011-1277 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.5AI score0.16071EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•35 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0674) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2011-0035 Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS7AI score0.19535EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•35 views

Microsoft Office TIFF Image Converter (CVE-2010-3949) Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted...

9.3CVSS1AI score0.25106EPSS
Exploits0
Symantec
Symantec
•added 2010/08/10 12:0 a.m.•35 views

Microsoft Windows CVE-2010-1896 User Input Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS0.1AI score0.01418EPSS
Exploits1Affected Software9
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•35 views

Microsoft Windows Media Decompression (CVE-2010-1879) Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability when handling compressed media files. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. A successful exploit may allow arbitrary code to run in the context of the currently...

9.3CVSS0.20284EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2009/11/10 12:0 a.m.•35 views

Microsoft Excel Document Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

1AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2009/08/26 8:0 a.m.•35 views

Symantec Altiris Deployment Solution Multiple Vulnerabilities

SUMMARY Symantecs Altiris Deployment Solution contains vulnerabilities that could potentially be leveraged for unauthorized file access or a denial of service on a client system, authentication bypass on the Server to local system-level access on a client system. AFFECTED PRODUCTS Product | Versi...

9.3CVSS0.7AI score0.03763EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•35 views

Microsoft Internet Explorer (CVE-2009-1141) Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

9.3CVSS7.2AI score0.27614EPSS
Exploits1References1Affected Software4
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•35 views

Microsoft Internet Explorer Cached Content Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access local files or content from a browser window in another domain or security...

7.1CVSS5.9AI score0.24762EPSS
Exploits2References1Affected Software2
Symantec
Symantec
•added 2009/04/28 8:0 a.m.•35 views

Symantec Log Viewer JavaScript Injection Vulnerabilities

SUMMARY The Log Viewer feature in some Symantec products contains two parsing errors which could be exploited through Java script injection. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Norton 360 | 1.0 | Run LiveUpdate in Interactive Mode Norton Internet Security | 2005 through 200...

4.3CVSS0.1AI score0.02329EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2009/03/10 12:0 a.m.•35 views

Microsoft Windows DNS Server Incorrect Caching DNS Spoofing Vulnerability

Description The Microsoft Windows DNS Server is prone to a DNS-spoofing vulnerability because the software fails to cache responses to specially crafted DNS queries. Successfully exploiting this issue allows remote attackers to spoof DNS replies, allowing them to redirect network traffic and to...

Exploits0References1Affected Software3
Symantec
Symantec
•added 2009/03/10 12:0 a.m.•35 views

Microsoft Windows Invalid Pointer Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successfully exploiting this issue will result in the complete compromise of affected...

7.8AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2007/12/11 12:0 a.m.•35 views

Microsoft Windows Media Format Runtime ASF File Remote Code Execution Vulnerability

Description Windows Media Player is prone to a remote code-execution vulnerability because it fails to properly handle malformed media files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the user running the application. Failed exploit...

0.4AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2007/02/13 12:0 a.m.•35 views

Microsoft Antivirus Engine Integer Overflow Vulnerability

Description Microsoft Antivirus Engine is prone to an integer-overflow vulnerability when the application processes maliciously crafted files. This issue is currently being exploited via Portable Document Files PDF, but other Microsoft applications are also reported vulnerable. An attacker could...

7.7AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2005/08/24 8:0 a.m.•35 views

Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Pri

SUMMARY The Symantec AntiVirus Corporate Edition HTML client help function uses HTML help, the Windows help interface, to provide support to the client user. A non-privileged client user can manipulate the help function to access files on the system with local SYSTEM privileges. Risk Impact Mediu...

10CVSS0.6AI score0.01694EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2005/07/12 12:0 a.m.•35 views

Microsoft Outlook Express Multiple Vulnerabilities

Description Microsoft has released an update to address various issues affecting Outlook Express 6.0 running on Windows XP. These issues may allow remote attackers to cause the client to crash or disclose sensitive information. Reportedly remote attackers may cause the client to crash by sending...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2004/09/14 12:0 a.m.•35 views

Microsoft GDI+ Library JPEG Segment Length Integer Underflow Vulnerability

Description Microsoft Graphics Device Interface GDI+ JPEG handler is reported prone to an integer underflow vulnerability when handling JPEG format images. This issue presents itself due to a lack of sufficient sanity checks performed on certain JPEG data before this data employed as a bounds val...

7.6AI score
Exploits0References14Affected Software23
Symantec
Symantec
•added 2004/07/13 12:0 a.m.•35 views

Microsoft IIS 4 Redirect Remote Buffer Overflow Vulnerability

Description Microsoft IIS 4.0 is reported prone to a buffer overflow vulnerability when handling redirects. It is reported that an attacker may exploit this vulnerability by issuing a large request to an affected IIS Web server. An attacker may exploit this issue to execute arbitrary code in the...

0.6AI score
Exploits0References7Affected Software1
Total number of security vulnerabilities5000