Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2012/07/10 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-1522 Cached Object Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Conferencing...

9.3CVSS0.7AI score0.20933EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•45 views

Microsoft SharePoint CVE-2012-1861 HTML Injection Vulnerability

Description Microsoft SharePoint is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication...

4.3CVSS6.2AI score0.15406EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•14 views

Microsoft SharePoint Search Scope Information Disclosure Vulnerability

Description Microsoft SharePoint is prone to a remote information-disclosure vulnerability. Attackers can leverage this issue to tamper with and access information about user search scopes. Information obtained may aid in further attacks. Technologies Affected Microsoft Office SharePoint Server...

7.4AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•17 views

Microsoft Windows TLS Protocol CBC Mode Information Disclosure Vulnerability

Description Microsoft Windows is prone to an information disclosure vulnerability that occurs because of a design error in the TLS protocol when the cipher-block chaining CBC mode of operation is used. An attacker can exploit this issue to gain access to sensitive information that may aid in...

6.8AI score
Exploits0Affected Software18
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•18 views

Microsoft Office for Mac Improper Folder Permissions Local Privilege Escalation Vulnerability

Description Microsoft Office for Mac is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with administrator privileges, resulting in a complete compromise of the affected computer. Microsoft Office for Mac 2011 is vulnerable...

2.5AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•40 views

Microsoft Windows CVE-2012-1893 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.1AI score0.01791EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•41 views

Microsoft SharePoint 'scriptresx.ashx' Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

7AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•49 views

Microsoft Data Access Components CVE-2012-1891 Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC are prone to a heap-based buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed...

9.3CVSS6.9AI score0.29406EPSS
Exploits0References1Affected Software5
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•39 views

Microsoft SharePoint CVE-2012-1863 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.3AI score0.2308EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•225 views

Microsoft SharePoint CVE-2012-1862 URI Redirection Vulnerability

Description Microsoft SharePoint is prone to an open-redirection vulnerability because the application fails to properly sanitize user-supplied input. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. When an unsuspecting victim follows the link,...

6.8CVSS0.5AI score0.10762EPSS
Exploits1References1Affected Software2
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•40 views

Microsoft Windows CVE-2012-1890 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.1AI score0.01791EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2012/07/10 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1524 Attribute Remove Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Conferencing...

9.3CVSS0.6AI score0.20933EPSS
Exploits1References1Affected Software2
Symantec
Symantec
•added 2012/06/26 8:0 a.m.•59 views

Symantec Message Filter Security Issues

SUMMARY Symantecs Message Filter management interface, the Brightmail Control Center, is susceptible to a number of security concerns resulting from improper input validation and authentication. Successful exploitation of these issues could result in unauthorized privileged access to the...

6.8CVSS0.01502EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/15 8:0 a.m.•33 views

Symantec LiveUpdate Administrator 2.3 Insecure File Permissions

SUMMARY Symantec LiveUpdate Administrator 2.3 and prior install some files with insecure file permissions during a default installation. These files allow full control permission to everyone which could result in arbitrary command execution with elevated privileges on the system. AFFECTED PRODUCT...

6.9CVSS0.2AI score0.00347EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•34 views

Microsoft Internet Explorer CVE-2012-1872 EUC-JP Character Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6.0 SP1 Microsoft Intern...

4.3CVSS5.7AI score0.06355EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-1881 'OnRowsInserted' Event Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS0.8AI score0.24052EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•37 views

Microsoft Lync CVE-2012-1849 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Lync is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library...

9.3CVSS0.2AI score0.18427EPSS
Exploits0References3Affected Software2
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•43 views

Microsoft Internet Explorer CVE-2012-1878 'OnBeforeDeactivate' Event Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.22344EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•14 views

Microsoft .NET Framework Function Pointer Execution Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition...

0.5AI score
Exploits0
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1873 Null Byte Handling Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 8 Microsoft Internet...

4.3CVSS5.7AI score0.18259EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•34 views

Microsoft Internet Explorer CVE-2012-1880 'insertRow()' Method Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.24052EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•43 views

Microsoft Windows CVE-2012-1867 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.01224EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•46 views

Microsoft XML Core Services CVE-2012-1889 Remote Code Execution Vulnerability

Description Microsoft XML Core Services is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Microsoft XML Core Services versions 3.0,...

9.3CVSS0.2AI score0.83638EPSS
Exploits12References3Affected Software5
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•40 views

Microsoft Internet Explorer And Microsoft Lync HTML Sanitizing Information Disclosure Vulnerability

Description Microsoft Internet Explorer and Microsoft Lync are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Groove Server 2010 Microsoft Groove Server 2010 SP1...

4.3CVSS5.6AI score0.22024EPSS
Exploits6References1Affected Software10
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•34 views

Microsoft Remote Desktop Protocol CVE-2012-0173 Remote Code Execution Vulnerability

Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code with full user-level privileges. This may facilitate a complete system compromise. Failed attacks may cause denial-of-service...

9.3CVSS0.6AI score0.20933EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•34 views

Microsoft Internet Explorer CVE-2012-1877 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.2AI score0.24052EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•21 views

Microsoft Internet Explorer Scrolling Events Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to view content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information or aid in further...

7AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-1879 'insertAdjacentText()' Method Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.19579EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2012-1874 Developer Toolbar Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS0.7AI score0.24103EPSS
Exploits1References1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•35 views

Microsoft Windows CVE-2012-1865 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.0164EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•28 views

Intel CPU Hardware Local Privilege Escalation Vulnerability

Description 64-bit operating systems and virtualization software running on Intel CPU hardware are prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to escalate privileges and execute arbitrary code with kernel-level privileges or to do a guest-to-host virtual...

1.4AI score
Exploits0References3Affected Software18
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•37 views

Microsoft Windows 'Win32k.sys' CVE-2012-1868 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

6.9CVSS1.3AI score0.01224EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•14 views

Microsoft Dynamic AX Enterprise Portal Cross Site Scripting Vulnerability

Description Microsoft Dynamic AX is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.9AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•36 views

Microsoft Windows CVE-2012-1864 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.01577EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•43 views

Microsoft Windows CVE-2012-1866 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS1.3AI score0.01722EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•48 views

Oracle Java SE CVE-2012-1723 Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' sub-component. This vulnerability affects the following supported versions: 7 Update 4, 6 Update 3...

10CVSS0.5AI score0.93688EPSS
Exploits9References3Affected Software43
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•47 views

Microsoft Internet Explorer CVE-2012-1876 Col Element Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7AI score0.64962EPSS
Exploits27Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•29 views

Microsoft Internet Explorer CVE-2012-1523 Center Element Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS7.1AI score0.22475EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/06/12 12:0 a.m.•34 views

Microsoft Internet Explorer CVE-2012-1875 Same ID Property Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Microsoft Internet...

9.3CVSS1AI score0.61655EPSS
Exploits11References1Affected Software1
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Multiple Issues

SUMMARY Specific versions of the Symantec Endpoint Protection Management Console in Symantec Endpoint Protection 11.x and Symantec Network Access Control 11.x are susceptible to a potential local access elevation of privilege. The Management Console in Symantec Endpoint Protection 12.1 is...

9.3CVSS1.4AI score0.04025EPSS
Exploits7Affected Software2
Symantec
Symantec
•added 2012/05/22 8:0 a.m.•33 views

Symantec Endpoint Protection Manager 11.x Denial of Service

SUMMARY Versions of Symantec Endpoint Protection Manager 11.0 running the Network Threat Protection module on Windows Server 2003 are susceptible to a Denial of ServiceDoS. Successful exploitation could potentially result in the system hosting Symantec Endpoint Protection Manager becoming...

5CVSS0.1AI score0.0287EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2012/05/17 8:0 a.m.•36 views

Symantec Web Gateway Multiple Security Issues

SUMMARY Symantecs Web Gateway management GUI is susceptible to file include command injection/execution, file upload/execution and file download/deletion security issues. The management GUI is also susceptible to cross-site scripting XSS. Successful exploitation could result in execution of...

10CVSS0.1AI score0.72596EPSS
Exploits28Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•41 views

Microsoft .NET Framework Serialization CVE-2012-0162 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies...

9.3CVSS0.8AI score0.21902EPSS
Exploits1Affected Software5
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•34 views

Microsoft Visio Viewer VSD File Format CVE-2012-0018 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.25072EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•40 views

Microsoft Word CVE-2012-0183 RTF Data Handling Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...

9.3CVSS0.1AI score0.24412EPSS
Exploits4Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•41 views

Microsoft .NET Framework Input Serialization CVE-2012-0160 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting victim to run a malicious .NET application or visit a site that hosts the malicious content as an Extensible Application Markup Language XAML...

9.3CVSS0.5AI score0.22889EPSS
Exploits0Affected Software4
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•41 views

Microsoft Windows CVE-2012-1848 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.9AI score0.01899EPSS
Exploits1Affected Software8
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•38 views

Microsoft GDI+ CVE-2012-0167 EMF Image Processing Buffer Overflow Vulnerability

Description Microsoft GDI+ is prone to a remote heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code with the privileges of the...

9.3CVSS0.2AI score0.29182EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•40 views

Microsoft GDI+ CVE-2012-0165 EMF Image Processing Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability that occurs when an application using the library tries to process a specially crafted Enhanced Metafile EMF image. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently...

9.3CVSS7.2AI score0.25203EPSS
Exploits1Affected Software13
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•43 views

Microsoft Windows Firewall CVE-2012-0174 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability that affects the TCP/IP stack 'tcpip.sys' component. An attacker can exploit this issue to bypass firewall restrictions of the system, that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1...

1.7CVSS0.7AI score0.05017EPSS
Exploits1Affected Software3
Total number of security vulnerabilities6867