Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2013/09/10 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3865 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...

7.2CVSS0.6AI score0.01654EPSS
Exploits0Affected Software12
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•31 views

Microsoft Word CVE-2013-3857 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.4AI score0.21033EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2013/08/13 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2013-3193 Use After Free Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a use-after-free memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 an...

9.3CVSS0.1AI score0.19338EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2013/06/11 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2013-3124 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 is affected...

9.3CVSS0.4AI score0.19345EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/05/14 12:0 a.m.•31 views

Microsoft Publisher CVE-2013-1327 Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

9.3CVSS0.3AI score0.20766EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/05/14 12:0 a.m.•31 views

Microsoft .NET Framework XML Digital Signature CVE-2013-1336 Security Bypass Vulnerability

Description Microsoft .NET Framework is prone to a security-bypass vulnerability because it fails to properly validate the signature of a specially crafted XML file. Attackers can exploit this issue to bypass XML digital signature validation and spoof XML content by conducting man-in-the-middle...

5CVSS0.19263EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•31 views

Microsoft SharePoint CVE-2013-0085 Denial of Service Vulnerability

Description Microsoft SharePoint is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive, denying service to legitimate users. Technologies Affected Microsoft SharePoint Foundation 2010 SP1 Microsoft SharePoint Server 2010...

7.8CVSS0.5AI score0.33975EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•31 views

Microsoft Windows CVE-2013-1287 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.4AI score0.01455EPSS
Exploits0Affected Software5
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2013-0089 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.18477EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•31 views

Microsoft Windows 'Win32k.sys' CVE-2013-1267 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01525EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•31 views

Microsoft Windows SSLv3/TLS CVE-2013-0013 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability when handling the SSL version 3 SSLv3 and TLS protocols. To exploit this issue, an attacker must inject specially crafted content into an SSL/TLS session by performing man-in-the-middle attacks. Successful exploits may allo...

5.8CVSS6.2AI score0.06351EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•31 views

Microsoft .NET Framework CVE-2013-0002 Remote Privilege Escalation Vulnerability

Description The Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. Attackers can exploit this issue to gain elevated privileges on the affected computer. Technologies Affected Microsoft .NET Framework 1.0 Microsoft .NET Framework 1.0 SP1 Microsoft .NET Framework 1.0...

9.3CVSS1.3AI score0.25118EPSS
Exploits1
Symantec
Symantec
•added 2013/01/08 12:0 a.m.•31 views

Microsoft .NET Framework CVE-2013-0003 Remote Privilege Escalation Vulnerability

Description Microsoft .NET Framework is prone to a remote privilege-escalation vulnerability. An attackers can exploit this issue to gain escalated privileges within the context of the application; this results in complete control of the affected system. Technologies Affected Microsoft .NET...

9.3CVSS1.2AI score0.23843EPSS
Exploits1
Symantec
Symantec
•added 2012/10/10 8:0 a.m.•31 views

Symantec Ghost Solution Suite Memory Corruption

SUMMARY Symantecs Ghost Solution Suite is susceptible to memory corruption issues that could result in an application denial of service or possibly arbitrary code execution. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Ghost Solution Suite | 2.x | Upgrade to the latest...

6.8CVSS0.03264EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/10/09 12:0 a.m.•31 views

Microsoft Word PAPX Section Corruption Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which...

0.1AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-1881 'OnRowsInserted' Event Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS0.8AI score0.24052EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-1879 'insertAdjacentText()' Method Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.19579EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•31 views

Microsoft Excel Memory Corruption CVE-2012-0141 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21769EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-0171 SelectAll Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

9.3CVSS7.1AI score0.27059EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•31 views

Microsoft Silverlight & .NET Framework Unmanaged Objects Remote Code Execution Vulnerability

Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

0.5AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Internet Explorer Uninitalized Object CVE-2011-1993 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.17574EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1985) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.2AI score0.02386EPSS
Exploits5Affected Software21
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Forefront Unified Access Gateway Null Session Cookie Denial of Service Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the web server of the affected application, denying service to legitimate users. Technologies Affected Microsoft Forefront Unified Access Gateway...

1.8AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1881) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.01328EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•31 views

Adobe Acrobat and Reader CVE-2011-2096 Remote Heap Buffer Overflow Vulnerability

Description Adobe Acrobat and Reader are prone to a remote heap-based buffer-overflow vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to 10.1 are affected. Technologies...

9.3CVSS7.3AI score0.08241EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•31 views

Microsoft Excel Heap Memory Corruption CVE-2011-1275 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.3AI score0.1332EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2011/05/12 12:0 a.m.•31 views

Adobe Flash Player CVE-2011-0619 Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

9.3CVSS0.3AI score0.0388EPSS
Exploits1References1Affected Software8
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1238) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01443EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1242) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•31 views

Microsoft Office TIFF Image Converter (CVE-2010-3947) Heap Based Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a special...

9.3CVSS0.2AI score0.29343EPSS
Exploits0
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2010-3348 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...

4.3CVSS6.2AI score0.13615EPSS
Exploits0Affected Software7
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•31 views

Microsoft Internet Explorer Uninitialized HTML Element CVE-2010-3346 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...

9.3CVSS6.9AI score0.28886EPSS
Exploits4Affected Software7
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•31 views

Microsoft Word Bookmark Handling (CVE-2010-3216) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.6AI score0.20833EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•31 views

Microsoft Word (CVE-2010-3217) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS2AI score0.40126EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2010/06/08 12:0 a.m.•31 views

Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

9.3CVSS0.3AI score0.21221EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2010/04/20 8:0 a.m.•31 views

Symantec Altiris Deployment Solution dbmanager Denial of Service

SUMMARY Symantecs Altiris Deployment Solution is susceptible to a denial of service which can temporarily halt deployment solution activity. An attacker would need to be on the network segment to effectively implement the denial of service. AFFECTED PRODUCTS Product | Version | Build | Solutions...

3.3CVSS6.6AI score0.00854EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/03/04 8:0 a.m.•31 views

Multi-Vendor Autonomy KeyView Filter Module OLE Document Processing Overflow

SUMMARY Symantec products that ship a third-party Autonomy KeyView filter have updated the module to address a vulnerability in the processing of specifically crafted OLE documents reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symante...

10CVSS6.8AI score0.03737EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2010/02/09 12:0 a.m.•31 views

Microsoft DirectX DirectShow AVI File Parsing Remote Code Execution Vulnerability

Description Microsoft DirectX is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition...

7.8AI score
Exploits0Affected Software12
Symantec
Symantec
•added 2009/12/14 12:0 a.m.•31 views

Adobe Reader and Acrobat 'newplayer()' JavaScript Method Remote Code Execution Vulnerability

Description Adobe Reader and Acrobat are prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code. Failed exploit attempts will likely cause denial-of-service conditions. This issue affects Reader and Acrobat 9.2 and prior versions. Technologies...

7.9AI score
Exploits0References4Affected Software14
Symantec
Symantec
•added 2009/10/29 12:0 a.m.•31 views

Sun Java SE November 2009 Multiple Security Vulnerabilities

Description Sun has released updates to address multiple security vulnerabilities in Java SE. Successful exploits may allow attackers to bypass certain security restrictions, run untrusted applets with elevated privileges, execute arbitrary code, and cause denial-of-service conditions. Other...

1AI score
Exploits0References5Affected Software44
Symantec
Symantec
•added 2009/10/13 12:0 a.m.•31 views

Microsoft Windows Kernel Integer Underflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. The vulnerability is caused by an integer-underflow issue. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will...

0.3AI score
Exploits0Affected Software9
Symantec
Symantec
•added 2009/10/13 12:0 a.m.•31 views

Microsoft GDI+ Malformed Office BMP File Integer Overflow Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes BMP files in Microsoft Office documents. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user...

Exploits0References1Affected Software4
Symantec
Symantec
•added 2009/07/13 12:0 a.m.•31 views

Mozilla Firefox 3.5 'TraceMonkey' Component Remote Code Execution Vulnerability

Description Mozilla Firefox is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed attempts will likely result in denial-of-service conditions. The issue affects...

0.8AI score
Exploits0References4Affected Software4
Symantec
Symantec
•added 2009/06/09 12:0 a.m.•31 views

Microsoft IIS 5.0 WebDAV Authentication Bypass Vulnerability

Description Microsoft Internet Information Services IIS is prone to an authentication-bypass vulnerability because it fails to properly enforce access restrictions on certain requests to a site that requires authentication. An attacker can exploit this issue to gain unauthorized access to protect...

0.8AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2009/05/12 12:0 a.m.•31 views

Microsoft PowerPoint Sound Data (CVE-2009-0225) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint 95 file. Successfully exploiting this issue can allow the attacker to execute arbitrary code in the context of the currently...

9.3CVSS0.4AI score0.3107EPSS
Exploits2References1Affected Software1
Symantec
Symantec
•added 2009/05/12 12:0 a.m.•31 views

Microsoft PowerPoint Sound Data (CVE-2009-0223) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker could exploit this issue by enticing a victim to open a malicious PowerPoint file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently...

9.3CVSS7AI score0.27984EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2009/04/28 8:0 a.m.•31 views

Symantec Reporting Server Improper URL Handling Exposure

SUMMARY The login web page in some versions of Symantec Reporting Server contains a URL handling error which could potentially allow an attacker to launch a phishing attack. AFFECTED PRODUCTS Product | Affected Version | Solution ---|---|--- Symantec AntiVirus Corporate Edition | 10.1 MR7 and...

5CVSS6.6AI score0.04225EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2009/04/14 12:0 a.m.•31 views

Microsoft Windows NTLM Credential Reflection Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a vulnerability that could let attackers replay NTLM NT LAN Manager credentials. A successful exploit would let an attacker execute arbitrary code in the context of the affected user. Technologies Affected Avaya Messaging Application Server Avaya Messagin...

7.7AI score
Exploits0References1Affected Software11
Symantec
Symantec
•added 2008/07/08 12:0 a.m.•31 views

Microsoft SQL Server Convert Function Remote Memory Corruption Vulnerability

Description Microsoft SQL Server is prone to a remote memory-corruption vulnerability because it fails to perform adequate boundary checks on user-supplied input. Authenticated attackers can exploit this issue to execute arbitrary code and completely compromise affected computers. Failed attacks...

0.7AI score
Exploits0Affected Software5
Total number of security vulnerabilities5000