Lucene search
K
SymantecMost viewed

6867 matches found

Symantec
Symantec
•added 2013/03/12 12:0 a.m.•29 views

Microsoft SharePoint CVE-2013-0083 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.4AI score0.14333EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•29 views

Microsoft SharePoint CVE-2013-0084 Directory Traversal Vulnerability

Description Microsoft SharePoint is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied data. A remote attacker could exploit this vulnerability using directory-traversal strings such as '../' to obtain sensitive information or elevate their...

7.5CVSS0.2135EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2013-0094 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.18477EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2013/03/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2013-0087 Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

9.3CVSS0.7AI score0.18477EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•29 views

Microsoft Windows 'Win32k.sys' CVE-2013-1262 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•29 views

Microsoft Windows 'Win32k.sys' CVE-2013-1250 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.7AI score0.01466EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/02/12 12:0 a.m.•29 views

Microsoft Windows 'Win32k.sys' CVE-2013-1268 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to gain elevated privileges and to read arbitrary amounts of kernel memory. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 4.0.1 Avaya CallPilot 5.0 Avaya...

4.9CVSS0.8AI score0.01525EPSS
Exploits0Affected Software13
Symantec
Symantec
•added 2013/01/23 12:0 a.m.•30 views

MantisBT CVE-2013-1934 HTML Injection Vulnerability

Description MantisBT is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied data. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...

3.5CVSS0.00924EPSS
Exploits0References3Affected Software1
Symantec
Symantec
•added 2012/12/11 12:0 a.m.•29 views

Microsoft Windows TrueType Font CVE-2012-4786 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in kernel-mode. Failed attempts will cause a denial-of-service condition. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft...

10CVSS0.1AI score0.24213EPSS
Exploits1Affected Software5
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1524 Attribute Remove Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Conferencing...

9.3CVSS0.6AI score0.20933EPSS
Exploits1References1Affected Software2
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1873 Null Byte Handling Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 8 Microsoft Internet...

4.3CVSS5.7AI score0.18259EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1523 Center Element Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.22475EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/03/01 8:0 a.m.•29 views

Symantec pcAnywhere awhost32 Denial of Service

SUMMARY A Denial of Service DoS exploit has been publicly released that can temporarily crash the awhost32 service for Symantec pcAnywhere. AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- | | | Symantec pcAnywhere | 12.5.x | All | Upgrade to the latest release of pcAnywhere...

5CVSS6.5AI score0.07171EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•29 views

Microsoft Visio Viewer VSD File Format CVE-2012-0137 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20124EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•29 views

Microsoft Windows ClickOnce Application Installer Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malformed file. Successful exploits can allow attackers to execute arbitrary code within the privileges of the user running the...

Exploits0References2Affected Software12
Symantec
Symantec
•added 2011/11/08 12:0 a.m.•29 views

Microsoft Active Directory LDAPS Authentication Bypass Vulnerability

Description Microsoft Active Directory is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions by using a revoked certificate. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0...

7.2AI score
Exploits0Affected Software20
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•29 views

Microsoft Internet Explorer 'SwapNode()' CVE-2011-2000 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.18886EPSS
Exploits1References1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•29 views

Microsoft Internet Explorer Option Element CVE-2011-1996 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS6.9AI score0.60456EPSS
Exploits5References1Affected Software6
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•29 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1888) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS7AI score0.0166EPSS
Exploits2Affected Software12
Symantec
Symantec
•added 2011/06/14 12:0 a.m.•29 views

Microsoft Internet Explorer Link Properties Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the affected application. Failed attacks will cause denial-of-service conditions. Technologies Affected...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/05/10 12:0 a.m.•29 views

Microsoft PowerPoint (CVE-2011-1269) Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. Successful exploits will result in the execution of arbitrary code with the privileges of the user running the...

9.3CVSS7.3AI score0.14883EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•29 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1231) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01349EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•29 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1234) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01443EPSS
Exploits0Affected Software7
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•29 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0086) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS0.01676EPSS
Exploits0Affected Software8
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2010-3342 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because the application fails to properly enforce the same-origin policy. An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may...

4.3CVSS6.2AI score0.13615EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•29 views

Microsoft Internet Explorer Uninitialized Object CVE-2010-3340 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...

9.3CVSS7AI score0.25317EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•29 views

Microsoft Office FlashPix Image Converter (CVE-2010-3952) Multiple Buffer Overflow Vulnerabilities

Description Microsoft Office is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues by enticing an unsuspecting user into opening an Office document containing a special...

9.3CVSS1AI score0.20833EPSS
Exploits0References1
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•29 views

Microsoft Word Return Value Handling (CVE-2010-3215) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.7AI score0.20833EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•29 views

Microsoft Windows Failover Clustering File Permissions Security Bypass Vulnerability

Description Microsoft Windows Failover Clustering is prone to a security-bypass vulnerability. Local attackers can exploit this issue to perform unauthorized actions against the administrative shares on the failover cluster disk. Technologies Affected Microsoft Windows Server 2008 R2 Itanium...

0.6AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2010/10/12 12:0 a.m.•29 views

Microsoft Excel Record Format Parsing (CVE-2010-3232) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.5AI score0.21413EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2010/09/14 12:0 a.m.•29 views

Microsoft Outlook 'Online Mode' Remote Heap Buffer Overflow Vulnerability

Description Microsoft Outlook is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly validate user-supplied data. Attackers can exploit this issue by enticing an unsuspecting user to preview or view a crafted email message. Successfully exploiting this issue wi...

0.6AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2010/02/09 12:0 a.m.•29 views

Microsoft Windows ICMPv6 Route Information Remote Code Execution Vulnerability

Description Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers. Failed exploit attempts will...

0.4AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2009/07/13 12:0 a.m.•29 views

Microsoft Office Web Components ActiveX Control 'msDataSourceObject()' Code Execution Vulnerability

Description Microsoft Office Web Components is prone to a remote code-execution vulnerability that affects the OWC10.Spreadsheet ActiveX control. The control is identified by the following CLSIDs: 0002E541-0000-0000-C000-000000000046 0002E559-0000-0000-C000-000000000046 An attacker could exploit...

Exploits0References4Affected Software3
Symantec
Symantec
•added 2009/03/17 8:0 a.m.•29 views

Symantec Products Update Vulnerable Autonomy KeyView Module

SUMMARY Symantec products that ship and use a third-party Autonomy KeyView module have updated the module to address a buffer overflow vulnerability reported against the KeyView module. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Mail Security for Domino |...

9.3CVSS0.1AI score0.06757EPSS
Exploits2Affected Software1
Symantec
Symantec
•added 2008/06/10 12:0 a.m.•29 views

Microsoft Windows PGM Invalid Fragment Remote Denial Of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability because it fails to adequately handle specially crafted PGM Pragmatic General Multicast network traffic. Attackers can exploit this issue to cause affected computers to stop responding until all the malformed packe...

7.3AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2008/02/25 12:0 a.m.•29 views

Rising Web Scan Object 'OL2005.dll' ActiveX Control Remote Code Execution Vulnerability

Description Rising Web Scan Object 'OL2005.dll' ActiveX control is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code on a victim's computer in the context of the vulnerable application using the ActiveX control typically Internet Explorer...

0.8AI score
Exploits0References3
Symantec
Symantec
•added 2008/02/12 12:0 a.m.•29 views

Microsoft Works File Converter Section Header Index Table Remote Code Execution Vulnerability

Description Microsoft Works File Converter is prone to a remote code-execution vulnerability because it fails to adequately validate user-supplied input. An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file. Successfully exploiting this issue would allow the...

7.9AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2007/09/20 12:0 a.m.•29 views

Adobe Acrobat Mailto PDF File Command Execution Vulnerability

Description Adobe Acrobat is prone to a command-execution vulnerability when handling malicious PDF files. Remote attackers can exploit this issue to compromise affected computers.. The vendor reports that this issue can be exploited only through Internet Explorer 7 installed on Microsoft Windows...

7.7AI score
Exploits0References3Affected Software4
Symantec
Symantec
•added 2007/07/27 8:0 a.m.•29 views

Symantec Discovery Insecure File Permissions

SUMMARY Insecure default directory and file permissions may allow local users to gain escalated privileges. Severity Low Remote Access | Local network access required ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Affected Products Produ...

7.2CVSS6.8AI score0.00388EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2007/07/11 12:0 a.m.•29 views

Symantec AntiVirus Malformed CAB and RAR Compression Remote Vulnerabilities

Description Symantec AntiVirus products that include the Symantec Decomposer are prone to multiple remote vulnerabilities related to the handling of CAB and RAR archives. These issues include a denial-of-service vulnerability and a buffer-overflow vulnerability. Successfully exploiting these issu...

0.7AI score
Exploits0Affected Software26
Symantec
Symantec
•added 2007/05/08 12:0 a.m.•29 views

Microsoft Outlook Web Access Remote Script Injection Vulnerability

Description Microsoft Outlook Web Access is prone to a script-injection vulnerability because the application fails to properly handle specially crafted email attachments. To exploit this issue, attackers must send specially crafted files through email messages to users of the affected applicatio...

Exploits0Affected Software4
Symantec
Symantec
•added 2006/10/10 12:0 a.m.•29 views

Microsoft PowerPoint Object Pointer Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. Exploiting this issue can allow remote attackers to execute arbitrary code on a vulnerable computer by supplying a malicious PowerPoint .ppt document to a user. Technologies Affected Microsoft Office 2000 Microsof...

8.2AI score
Exploits0References3Affected Software2
Symantec
Symantec
•added 2006/04/11 12:0 a.m.•29 views

Microsoft Internet Explorer HTML Tag Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This is related to the handling of certain HTML tags. Attackers could exploit this issue via a malicious web page to execute arbitrary code in the context of the currently logged-in user. They could also use HT...

7.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2005/10/11 12:0 a.m.•29 views

Microsoft Windows MSDTC Memory Corruption Vulnerability

Description The Microsoft Windows MSDTC Microsoft Distribution Transaction Coordinator service is prone to a memory corruption vulnerability. This issue could allow for execution of arbitrary code in the context of the service. The vulnerability may be remotely exploitable in some circumstances,...

1.4AI score
Exploits0References4Affected Software6
Symantec
Symantec
•added 2003/11/11 12:0 a.m.•29 views

Microsoft Excel XLM Macro Security Level Bypass Vulnerability

Description A vulnerability has been reported to affect Microsoft Excel that could be exploited by an attacker to execute an XLM macro regardless of the macro security level. The issue has been reported to present itself due to a failure by Excel to sufficiently scan a malicious spreadsheet file...

0.1AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2003/07/01 12:0 a.m.•29 views

InterSystems Cache Insecure Default Permissions Vulnerability

Description It has been reported that the permissions set by default on the files and directories comprising InterSystems Cache are insecure. The permissions on directories allegedly allow for any user to overwrite any file. This creates many opportunities for local attackers to obtain root...

2.1AI score
Exploits0References3Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•28 views

Oracle Database Server cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'OracleNet' protocol. The 'Database Gateway for ODBC' component is affected. These vulnerabilities affect the following supported versions: 11.2.0.4, 12.1.0.2,...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/14 12:0 a.m.•28 views

Microsoft Windows Subsystem for Linux CVE-2020-0636 Local Privilege Escalation Vulnerability

Description Microsoft Windows Subsystem for Linux is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based...

2.7AI score0.00814EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•28 views

Cisco UCS Director CVE-2019-16003 Information Disclosure Vulnerability

Description Cisco UCS Director is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvr00602. Technologies Affected Cisco UCS Director 4.0.0.0 Cisco UC...

0.6AI score0.01221EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2020/01/08 12:0 a.m.•28 views

Cisco Crosswork Change Automation CVE-2019-16024 Cross Site Scripting Vulnerability

Description Cisco Crosswork Change Automation is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.2AI score0.00801EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities5000