Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2014/06/10 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2014-0282 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability due to a use-after-free condition. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service...

9.3CVSS0.1AI score0.46767EPSS
Exploits1Affected Software10
Symantec
Symantec
•added 2014/06/10 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2014-1781 Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...

9.3CVSS0.2AI score0.20687EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2014/05/13 12:0 a.m.•30 views

Microsoft SharePoint CVE-2014-1754 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.3AI score0.11073EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2014/04/08 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2014-1755 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencing...

9.3CVSS0.2AI score0.20344EPSS
Exploits1References1Affected Software2
Symantec
Symantec
•added 2014/02/11 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2014-0270 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

9.3CVSS0.25296EPSS
Exploits1Affected Software11
Symantec
Symantec
•added 2014/02/11 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2014-0278 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya CallPilot 4.0 Avaya...

9.3CVSS0.1AI score0.16894EPSS
Exploits1Affected Software11
Symantec
Symantec
•added 2013/11/12 12:0 a.m.•30 views

Microsoft Office WPD File Processing CVE-2013-1325 Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

9.3CVSS0.7AI score0.31433EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/11/12 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2013-3916 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8, 9, 10, and 11 ar...

9.3CVSS0.2AI score0.17808EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/10/08 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-3881 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of the affected...

7.2CVSS1.9AI score0.14835EPSS
Exploits7References1Affected Software3
Symantec
Symantec
•added 2013/10/08 12:0 a.m.•30 views

Microsoft Excel CVE-2013-3890 Memory Corruption Vulnerability

Description Microsoft Excel is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Excel 2007 SP3 Microsoft...

9.3CVSS1AI score0.20022EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•30 views

Microsoft Word CVE-2013-3854 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.4AI score0.20145EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2013/09/10 12:0 a.m.•30 views

Microsoft Word CVE-2013-3848 Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.5AI score0.21139EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2013/08/13 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2013-3187 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 9 and 10 are...

9.3CVSS0.2AI score0.19338EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2013/07/25 8:0 a.m.•30 views

Symantec Web Gateway Security Issues

SUMMARY Symantec's Web Gateway SWG Appliance management console is susceptible to security issues. Successful exploitation could result in unauthorized command execution on or access to the management console, or the appliance itself. There is also potential for unauthorized database manipulation...

8.3CVSS0.6AI score0.10747EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2013-3152 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 10 is affected...

9.3CVSS0.1AI score0.23587EPSS
Exploits0Affected Software10
Symantec
Symantec
•added 2013/07/09 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' CVE-2013-1340 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS0.5AI score0.01526EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2013/06/11 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2013-3141 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft Internet Explorer 8 and 9 are affecte...

9.3CVSS0.1AI score0.19345EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•30 views

Microsoft Windows CVE-2013-1286 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.4AI score0.01455EPSS
Exploits0Affected Software5
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•30 views

Microsoft Windows 'Win32k.sys' CVE-2013-1256 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.7AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•31 views

Microsoft Windows 'Win32k.sys' CVE-2013-1263 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•30 views

Microsoft Windows 'Win32k.sys' CVE-2013-1252 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.7AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•30 views

Microsoft Silverlight Double-Free CVE-2012-0176 Remote Code Execution Vulnerability

Description Microsoft Silverlight is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...

9.3CVSS0.7AI score0.22485EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2012-0172 VML Style Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

9.3CVSS7.1AI score0.21897EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•30 views

Microsoft Windows CSRSS CVE-2011-3408 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with administrator privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...

7.2CVSS0.1AI score0.01791EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2011/11/09 12:0 a.m.•30 views

Adobe Flash Player CVE-2011-2452 Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

10CVSS0.6AI score0.05847EPSS
Exploits0References1Affected Software11
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•30 views

Microsoft Forefront Unified Access Gateway (CVE-2011-1895) HTTP Response Splitting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could ai...

4.3CVSS0.1AI score0.11137EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1885) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.0137EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•30 views

Microsoft Windows Distributed File System Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Windows Distributed File System DFS. An attacker can exploit this issue by sending a specially crafted DFS response to the affected application. Successfully exploiting this issue allows an...

0.2AI score
Exploits0Affected Software7
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•30 views

Microsoft Excel Out of Bounds WriteAV CVE-2011-1279 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS7.1AI score0.16968EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2011/05/10 12:0 a.m.•30 views

Microsoft PowerPoint (CVE-2011-1270) Remote Buffer Overflow Vulnerability

Description Microsoft PowerPoint is prone to a remote buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition. Technologies Affected...

9.3CVSS7.3AI score0.16308EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1239) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01446EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•30 views

Microsoft Windows Kerberos Encryption Standard Spoofing Vulnerability

Description The Microsoft Windows implementation of Kerberos is prone to a security vulnerability that may allow attackers to downgrade the cipher suite. Successful exploits may allow attackers to change the default encryption standard to DES. This may allow attackers to read and forge all Kerber...

7.2AI score
Exploits0Affected Software7
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0087) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS7AI score0.01831EPSS
Exploits0Affected Software8
Symantec
Symantec
•added 2011/01/26 8:0 a.m.•30 views

Multiple Symantec Intel Alert Management System Arbitrary Message Creation or Denial of Service

SUMMARY Symantec was notified of a improper message handling procedures in the Intel Alert Management System AMS2 that can be used to send arbitrary messages or kill the Intel Alert Handler service. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec AntiVirus Corporate Edition...

9.3CVSS0.5AI score0.34516EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/01/11 12:0 a.m.•30 views

Microsoft Data Access Components Data Source Name Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•30 views

Microsoft Excel Merge Cell Record Pointer (CVE-2010-3237) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS1.1AI score0.21413EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•30 views

Microsoft Word (CVE-2010-3214) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS7.1AI score0.24787EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2010/09/14 12:0 a.m.•30 views

Microsoft WordPad Text Converter Word 97 File Parsing Memory Corruption Vulnerability

Description Microsoft WordPad Text Converter is prone to a remote memory-corruption vulnerability. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may result in denial-of-service conditions. Technologies...

8AI score
Exploits0Affected Software4
Symantec
Symantec
•added 2010/02/09 12:0 a.m.•30 views

Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability in the Client/Server Run-time Subsystem CSRSS. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits may result in the complete compromise of affected...

7.8AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2009/10/06 8:0 a.m.•30 views

Symantec Security Expressions Cross-site Scripting and HTML Injection Vulnerability

SUMMARY Symantecs SecurityExpressions Audit and Compliance Server is susceptible to a cross-site scripting and HTML injection vulnerability. AFFECTED PRODUCTS Product | Version | Solutions ---|---|--- SecurityExpressions Audit and Compliance Server | 4.1 4.1.1 | 4.1.1 KB49452 Hotfix 1 Note:...

4.3CVSS0.6AI score0.01328EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2009/07/28 12:0 a.m.•30 views

Microsoft Visual Studio ATL 'VariantClear()' Remote Code Execution Vulnerability

Description Microsoft Visual Studio is prone to a remote code-execution vulnerability in the Active Template Library ATL. Remote attackers can exploit this issue to execute arbitrary code with the privileges of the user running an application built with the affected library. Technologies Affected...

0.2AI score
Exploits0References10Affected Software22
Symantec
Symantec
•added 2009/04/27 12:0 a.m.•30 views

Adobe Reader 'getAnnots()' JavaScript Function Remote Code Execution Vulnerability

Description Adobe Reader is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash the application, denying service to legitimate users. Reader 8.1.4 and 9.1 for Linux are...

7.8AI score
Exploits0References2Affected Software15
Symantec
Symantec
•added 2008/09/09 12:0 a.m.•30 views

Microsoft GDI+ VML Heap-Based Buffer Overflow Vulnerability

Description Microsoft GDI+ is prone to a heap-based buffer-overflow vulnerability because the vector graphics link library improperly processes gradient sizes. Successfully exploiting this issue would allow an attacker to corrupt heap memory and execute arbitrary code in the context of the...

0.6AI score
Exploits0References1Affected Software33
Symantec
Symantec
•added 2008/01/08 12:0 a.m.•30 views

Microsoft Windows LSASS LPC Request Local Privilege Escalation Vulnerability

Description Microsoft Windows Local Security Authority Subsystem Service LSASS is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will facilitate in the complete...

7.9AI score
Exploits0References1Affected Software4
Symantec
Symantec
•added 2007/05/08 12:0 a.m.•30 views

Microsoft Exchange IMAP Command Processing Remote Denial of Service Vulnerability

Description Microsoft Exchange is prone to a remote denial-of-service vulnerability because it fails to properly handle specially crafted IMAP commands. Successfully exploiting this issue allows remote attackers to cause targeted Exchange servers' mail service to stop responding, thus denying...

0.6AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2007/04/28 12:0 a.m.•30 views

Multiple Image Editing Applications .PNG Format Handling Remote Buffer Overflow Vulnerability

Description Multiple image editors are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remote attackers to execute arbitrary machine code i...

1.7AI score
Exploits0References2Affected Software3
Symantec
Symantec
•added 2007/02/13 12:0 a.m.•30 views

Microsoft Windows Shell Hardware Detection Service Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability due to a lack of proper input validation. A local attacker can exploit this issue to elevate user privileges. Successful exploits will result in the complete compromise of vulnerable computers. Technologies...

6.9AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2007/01/09 12:0 a.m.•30 views

Microsoft Office And Microsoft Windows RichEdit Component Remote Code Execution Vulnerability

Description Microsoft Office and Microsoft Windows RichEdit component are prone to a remote code-execution vulnerability. This issue occurs when malformed Rich Text Files RTF are processed. An attacker could exploit this issue by enticing a victim to load a malicious RTF file. If the vulnerabilit...

7.9AI score
Exploits0References1Affected Software9
Symantec
Symantec
•added 2006/02/21 12:0 a.m.•30 views

Apple Mac OS X Archive Metadata Command Execution Vulnerability

Description Apple Mac OS X is prone to an arbitrary command-execution vulnerability when processing metadata in archive files. Commands would be executed in the context of the user opening the archive file. Attackers can reportedly use Safari and Apple Mail as exploitation vectors for this...

1.2AI score
Exploits0References2Affected Software2
Symantec
Symantec
•added 2005/10/19 8:0 a.m.•30 views

Symantec LiveUpdate for Macintosh Local Privilege Escalation

SUMMARY Risk Impact Medium Remote Access | No ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Product | Version | Build | Language | Solution ---|---|---|---|--- LiveUpdate for Macintosh | 3.0.0 | All | All | Live Update Patch 3.0.1 | All...

7.2CVSS0.1AI score0.00416EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000