Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2013/07/09 12:0 a.m.•33 views

Microsoft .NET Framework CVE-2013-3134 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the application. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...

9.3CVSS0.7AI score0.2104EPSS
Exploits0Affected Software9
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2013-3144 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, and 10 are...

9.3CVSS0.1AI score0.2278EPSS
Exploits1References1Affected Software10
Symantec
Symantec
•added 2013/06/18 8:0 a.m.•33 views

Symantec Endpoint Protection Manager/Protection Center 12.x Buffer Overflow

SUMMARY A dynamic link library dll in the Symantec Endpoint Protection Manager SEPM 12.1.x server and Symantec Protection Center SPC 12.0.x Small Business Edition server does not properly validate all external input. This could potentially result in a buffer overflow and remote code execution wit...

7.9CVSS0.4AI score0.04383EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2013/06/11 12:0 a.m.•33 views

Microsoft Windows Print Spooler Service CVE-2013-1339 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the Print Spooler Service. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers...

9CVSS1.8AI score0.23625EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2013/05/14 12:0 a.m.•33 views

Microsoft Windows Essentials CVE-2013-0096 URI Handling Information Disclosure Vulnerability

Description Microsoft Windows Essentials is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Windows Essentials 2011 Microsoft Windows Essentials 2012 Recommendations...

6.8CVSS0.2AI score0.16097EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2013/04/09 12:0 a.m.•33 views

Microsoft Windows CVE-2013-1293 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and run arbitrary code in kernel mode. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Conferencing 6.0.0 Standard Ava...

6.9CVSS0.4AI score0.01553EPSS
Exploits1References1Affected Software13
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•33 views

Microsoft SharePoint CVE-2013-0085 Denial of Service Vulnerability

Description Microsoft SharePoint is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive, denying service to legitimate users. Technologies Affected Microsoft SharePoint Foundation 2010 SP1 Microsoft SharePoint Server 2010...

7.8CVSS0.5AI score0.33975EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2013-0090 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.38223EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•33 views

Microsoft Windows 'Win32k.sys' CVE-2013-1259 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•33 views

Microsoft Windows 'Win32k.sys' CVE-2013-1251 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.7AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•33 views

Microsoft Windows 'Win32k.sys' CVE-2013-1260 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•33 views

Microsoft .NET Framework CVE-2013-0003 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attackers can exploit this issue to gain escalated privileges within the context of the application; this results in complete control of the affected system. Technologies Affected Microsoft .NET...

9.3CVSS1.2AI score0.23843EPSS
Exploits1
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•33 views

Microsoft Windows SSLv3/TLS CVE-2013-0013 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability when handling the SSL version 3 SSLv3 and TLS protocols. To exploit this issue, an attacker must inject specially crafted content into an SSL/TLS session by performing man-in-the-middle attacks. Successful exploits may allo...

5.8CVSS6.2AI score0.06351EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•33 views

Microsoft .NET Framework CVE-2013-0002 Remote Privilege Escalation Vulnerability

Description The Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges on the affected computer. Technologies Affected Microsoft .NET Framework 1.0 Microsoft .NET Framework 1.0 SP1 Microsoft .NET Framework 1.0...

9.3CVSS1.3AI score0.25118EPSS
Exploits1
Symantec
Symantec
•added 2012/11/13 12:0 a.m.•33 views

Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

0.7AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2012/11/07 8:0 a.m.•33 views

Symantec Legacy Decomposer CAB File Issues

SUMMARY Symantec's legacy Decomposer engine fails to proper handle bounds checking when parsing files from some versions of CAB archives. This could result in the probability of an application crash in the majority of cases. A successfully crafted malicious CAB file could potentially result in...

9.3CVSS0.06045EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/10/09 12:0 a.m.•33 views

Microsoft Word PAPX Section Corruption Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which...

0.1AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/15 8:0 a.m.•33 views

Symantec LiveUpdate Administrator 2.3 Insecure File Permissions

SUMMARY Symantec LiveUpdate Administrator 2.3 and prior install some files with insecure file permissions during a default installation. These files allow full control permission to everyone which could result in arbitrary command execution with elevated privileges on the system. AFFECTED PRODUCT...

6.9CVSS0.2AI score0.00347EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Multiple Issues

SUMMARY Specific versions of the Symantec Endpoint Protection Management Console in Symantec Endpoint Protection 11.x and Symantec Network Access Control 11.x are susceptible to a potential local access elevation of privilege. The Management Console in Symantec Endpoint Protection 12.1 is...

9.3CVSS1.4AI score0.04025EPSS
Exploits7Affected Software2
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Manager 11.x Denial of Service

SUMMARY Versions of Symantec Endpoint Protection Manager 11.0 running the Network Threat Protection module on Windows Server 2003 are susceptible to a Denial of ServiceDoS. Successful exploitation could potentially result in the system hosting Symantec Endpoint Protection Manager becoming...

5CVSS0.1AI score0.0287EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•33 views

Microsoft Excel Memory Corruption CVE-2012-0141 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21769EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/05/04 12:0 a.m.•33 views

Adobe Flash Player CVE-2012-0779 Object Type Confusion Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The following...

9.3CVSS0.4AI score0.85698EPSS
Exploits10Affected Software7
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2012-0010 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because it fails to adequately validate user-supplied data during copy and paste operations. An attacker can exploit this issue to view content from a browser window in another domain or securi...

4.3CVSS6.1AI score0.14099EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1985) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.2AI score0.02386EPSS
Exploits5Affected Software21
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Forefront Unified Access Gateway Null Session Cookie Denial of Service Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the web server of the affected application, denying service to legitimate users. Technologies Affected Microsoft Forefront Unified Access Gateway...

1.8AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Internet Explorer Virtual Function Table CVE-2011-2001 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.43125EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Internet Explorer Select Element CVE-2011-1999 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.27959EPSS
Exploits2References3Affected Software6
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1882) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01405EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0670) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Excel CVE-2011-0103 Memory Corruption Vulnerability

Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.1AI score0.25459EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•33 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0671) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01345EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•33 views

Microsoft Publisher (CVE-2010-3954) Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

9.3CVSS7.3AI score0.20833EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•33 views

Microsoft Excel Record Validation (CVE-2010-3240) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.5AI score0.21413EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•33 views

Microsoft Word Malformed Record Value (CVE-2010-3218) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.6AI score0.23832EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2010/08/10 12:0 a.m.•33 views

Microsoft Windows CVE-2010-1895 User Pool Overflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS7.2AI score0.01591EPSS
Exploits1Affected Software4
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•33 views

Microsoft Excel CVE-2010-1252 String Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

9.3CVSS0.2AI score0.21221EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•33 views

Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

Exploits0References1Affected Software3
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•33 views

Microsoft Internet Explorer 8 Developer Tools Remote Code Execution Vulnerability

Description Microsoft Internet Explorer 8 Developer Tools 'iedvtool.dll' ActiveX control is prone to a remote code-execution vulnerability that stems from a memory-corruption issue. An attacker can exploit this issue to execute arbitrary code in the context of the application, usually Internet...

8AI score
Exploits0References1Affected Software14
Symantec
Symantec
•added 2010/02/09 12:0 a.m.•33 views

Microsoft DirectX DirectShow AVI File Parsing Remote Code Execution Vulnerability

Description Microsoft DirectX is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition...

7.8AI score
Exploits0Affected Software12
Symantec
Symantec
•added 2009/12/14 12:0 a.m.•33 views

Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability

Description Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. Technologies...

7.9AI score
Exploits0References4Affected Software14
Symantec
Symantec
•added 2009/12/08 12:0 a.m.•33 views

Microsoft Internet Explorer (CVE-2009-3671) Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the computer. Failed attacks m...

9.3CVSS7.1AI score0.21038EPSS
Exploits1References2Affected Software4
Symantec
Symantec
•added 2009/11/24 8:0 a.m.•33 views

Symantec’s Altiris Deployment and Notification Management Web Console RunCmd Vulnerability

SUMMARY Symantecs Altiris Deployment Solution, Notification Server and Symantec Management Platform web consoles install a vulnerable ActiveX control. Exploitation of one of the methods used by this control could possibly lead to unauthorized information disclosure, system information corruption ...

9.3CVSS0.1AI score0.39967EPSS
Exploits10Affected Software1
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•33 views

Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability

Description Microsoft Internet Information Services IIS is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication. An attacker can exploit this issue to gain unauthorized access to protect...

0.8AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2009/05/12 12:0 a.m.•33 views

Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

9.3CVSS7AI score0.27984EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2009/05/12 12:0 a.m.•33 views

Microsoft PowerPoint Sound Data (CVE-2009-1137) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

9.3CVSS7AI score0.31632EPSS
Exploits5References1Affected Software1
Symantec
Symantec
•added 2008/10/14 12:0 a.m.•33 views

Microsoft Windows AFD Driver Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Ancillary Function Driver 'afd.sys'. A successful exploit of this vulnerability will let a local attacker completely compromise an affected computer. Technologies Affected Microsoft Windows Server 2003...

0.2AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2008/03/11 12:0 a.m.•33 views

Microsoft Outlook Mailto URI Remote Code Execution Vulnerability

Description Microsoft Outlook is prone to a remote code-execution vulnerability because the application fails to adequately validate user-supplied data. Successfully exploiting this issue will allow attackers to execute arbitrary code with the privileges of the currently logged-in user. This will...

2.1AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2008/02/12 12:0 a.m.•33 views

Microsoft Windows Vista DHCP Remote Denial Of Service Vulnerability

Description Microsoft Windows Vista is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted TCP/IP traffic. Attackers can exploit this issue to cause affected computers to stop responding and to automatically restart. Successful attacks will de...

0.4AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2007/09/05 8:0 a.m.•33 views

Symantec SYMTDI.SYS Device Driver Local Denial of Service

SUMMARY Some versions of Symantecs device driver SYMTDI.SYS contain a vulnerability which, if successfully exploited, could allow a local attacker to cause the system to crash. Risk Impact Low Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes, to the local system Exploit...

1.9CVSS1.6AI score0.00864EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2007/06/26 8:0 a.m.•33 views

Symantec Mail Security for SMTP Executable Attachment Parsing Denial of Service

SUMMARY A denial of service has been discovered in Symantec Mail Security for SMTP when parsing Executable Attachments. Risk Impact Low Remote Access | Yes ---|--- Local Access | No Authentication Required | No Exploit publicly available | No AFFECTED PRODUCTS Products | Versions | Solution...

7.8CVSS0.8AI score0.04722EPSS
Exploits1Affected Software1
Total number of security vulnerabilities5000