Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2012/05/08 12:0 a.m.•25 views

Microsoft Windows Partition Manager Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows Partition Manager 'partmgr.sys'. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of...

1.7AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•36 views

Microsoft Excel CVE-2012-1847 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.25099EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•53 views

Microsoft Windows CVE-2012-0181 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers or cause denial of servi...

7.2CVSS0.8AI score0.03401EPSS
Exploits1Affected Software8
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•14 views

Microsoft Excel SXLI Record Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

0.1AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•13 views

Microsoft Excel 'MergeCells' Record Heap Overflow Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel '.xls' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running...

0.7AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•32 views

Microsoft Windows CVE-2012-0180 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.7AI score0.01263EPSS
Exploits1Affected Software8
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•15 views

Microsoft .NET Framework Index Comparison Denial Of Service Vulnerability

Description Microsoft .NET Framework is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause the application to become unresponsive or to crash, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible...

0.5AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•31 views

Microsoft Excel Memory Corruption CVE-2012-0141 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21769EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•46 views

Microsoft Windows TrueType Font Engine CVE-2012-0159 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the TrueType Font engine. An attacker can exploit this issue through the Windows Kernel-Mode drivers to execute arbitrary code in kernel mode. The attacker can also exploit this issue through Microsoft...

9.3CVSS6.9AI score0.26816EPSS
Exploits1Affected Software18
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•45 views

Microsoft Excel Memory Corruption CVE-2012-0143 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS1.4AI score0.2239EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•30 views

Microsoft Silverlight Double-Free CVE-2012-0176 Remote Code Execution Vulnerability

Description Microsoft Silverlight is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies Affected...

9.3CVSS0.7AI score0.22485EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•34 views

Microsoft Excel Memory Corruption CVE-2012-0142 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS0.2AI score0.21596EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•38 views

Microsoft .NET Framework Serialization CVE-2012-0161 Remote Code Execution Vulnerability

Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts will likely result in a denial-of-service condition. Technologies...

9.3CVSS1.1AI score0.22256EPSS
Exploits1Affected Software4
Symantec
Symantec
•added 2012/05/08 12:0 a.m.•44 views

Microsoft Windows Firewall CVE-2012-0174 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability that affects the TCP/IP stack 'tcpip.sys' component. An attacker can exploit this issue to bypass firewall restrictions of the system, that may aid in further attacks. Technologies Affected Avaya Aura Conferencing 6.0 SP1...

1.7CVSS0.7AI score0.05017EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2012/05/04 12:0 a.m.•32 views

Adobe Flash Player CVE-2012-0779 Object Type Confusion Remote Code Execution Vulnerability

Description Adobe Flash Player is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. The following...

9.3CVSS0.4AI score0.85698EPSS
Exploits10Affected Software7
Symantec
Symantec
•added 2012/05/04 12:0 a.m.•124 views

PHP 'php-cgi' Information Disclosure Vulnerability

Description PHP is prone to an information-disclosure vulnerability. Exploiting this issue allows remote attackers to view the source code of files in the context of the server process. This may allow the attacker to obtain sensitive information and to run arbitrary PHP code on the affected...

7.5CVSS0.3AI score0.99998EPSS
Exploits42References8Affected Software40
Symantec
Symantec
•added 2012/04/17 12:0 a.m.•36 views

Oracle JRockit CVE-2012-1695 Remote Security Vulnerability

Description Oracle JRockit is prone to a remote security vulnerability. The vulnerability can be exploited over the 'Multiple' protocol. This vulnerability affects the following supported versions: 28.2.2 and before: JDK/JRE 5 and 6 27.7.1 and before: JKD/JRE 5 and 6 Technologies Affected Oracle...

10CVSS1.2AI score0.03819EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•30 views

Microsoft Internet Explorer CVE-2012-0172 VML Style Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

9.3CVSS7.1AI score0.21897EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•35 views

Microsoft Office Works File Converter (CVE-2012-0177) Heap Based Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted '.wps' file...

9.3CVSS0.2AI score0.30052EPSS
Exploits1Affected Software2
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•21 views

Microsoft Forefront Unified Access Gateway Information Disclosure Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Technologies Affected Microsoft Forefront Unified Access Gateway 2010 Microso...

7.5AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•19 views

Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability

Description Microsoft Windows Common Controls is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...

0.2AI score
Exploits0References2Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•36 views

Microsoft Internet Explorer CVE-2012-0169 JScript9 Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura Conferencin...

9.3CVSS0.30421EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•27 views

Microsoft .NET Framework Parameter Validation Remote Code Execution Vulnerability

Description The .NET Framework is prone to a remote code-execution vulnerability. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. Failed attacks will cause denial-of-service conditions. In a web hosting environment,...

0.3AI score
Exploits0References1Affected Software5
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•26 views

Microsoft Internet Explorer CVE-2012-0170 OnReadyStateChange Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

9.3CVSS7.1AI score0.22368EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•17 views

Microsoft Windows Authenticode Signature Verification Function Remote Code Execution Vulnerability

Description Microsoft Windows Authenticode Signature Verification is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed Portable Executable PE file. Successful exploits can allow attacke...

8.1AI score
Exploits0Affected Software8
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•32 views

Microsoft Internet Explorer CVE-2012-0168 Print Feature Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

7.6CVSS7.1AI score0.18305EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•22 views

Microsoft Forefront Unified Access Gateway URI Open Redirection Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a URI open-redirection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to spoof a UAG server or redirect legitimate network traffic intended for a UAG server. This may...

7.3AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/04/10 12:0 a.m.•31 views

Microsoft Internet Explorer CVE-2012-0171 SelectAll Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura Conferenci...

9.3CVSS7.1AI score0.27059EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/03/14 8:0 a.m.•24 views

Altiris WISE Package Studio SQL Injections

SUMMARY Symantecs Altiris WISE Package Studio is susceptible to SQL injection attacks. It is possible to execute arbitrary SQL queries on the backend database of a targeted system. AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- Altiris WISE Package Studio | 8.0 and prior |...

0.6AI score0.01263EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•20 views

Microsoft Visual Studio Add-In Local Privilege Escalation Vulnerability

Description Microsoft Visual Studio is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Microsoft Visu...

3.1AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•18 views

Microsoft Expression 'wintab32.dll' DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Expression is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link...

1.8AI score
Exploits0References3Affected Software1
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•171 views

Microsoft Remote Desktop Protocol CVE-2012-0002 Remote Code Execution Vulnerability

Description Microsoft Remote Desktop Protocol is prone to a remote code-execution vulnerability. Successful exploits will allow the attacker to execute arbitrary code in the context of the affected process. This may facilitate a complete system compromise. Failed attacks may cause denial-of-servi...

9.3CVSS9.5AI score0.73924EPSS
Exploits11References3Affected Software13
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•18 views

Microsoft Windows 'DirectWrite' API Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. Successful exploits will cause the vulnerable applications that use the affected API to crash or become unresponsive, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1...

7.4AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•124 views

Microsoft Remote Desktop Protocol Service CVE-2012-0152 Denial of Service Vulnerability

Description Microsoft Remote Desktop Protocol is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

4.3CVSS9.3AI score0.86147EPSS
Exploits2Affected Software7
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•47 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2012-0157) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS0.1AI score0.0144EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2012/03/13 12:0 a.m.•34 views

Microsoft Windows DNS Server (CVE-2012-0006) Remote Denial of Service Vulnerability

Description The Microsoft Windows DNS Server is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the DNS server service to stop responding, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura...

5CVSS6.4AI score0.31083EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/03/01 8:0 a.m.•29 views

Symantec pcAnywhere awhost32 Denial of Service

SUMMARY A Denial of Service DoS exploit has been publicly released that can temporarily crash the awhost32 service for Symantec pcAnywhere. AFFECTED PRODUCTS Product | Version | Build | Solution ---|---|---|--- | | | Symantec pcAnywhere | 12.5.x | All | Upgrade to the latest release of pcAnywhere...

5CVSS6.5AI score0.07171EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/02/15 12:0 a.m.•51 views

Adobe Flash Player CVE-2012-0754 Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

10CVSS0.3AI score0.9203EPSS
Exploits11Affected Software8
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•24 views

Microsoft Silverlight & .NET Framework Heap Corruption Remote Code Execution Vulnerability

Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

0.1AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•18 views

Microsoft SharePoint 'wizardlist.aspx' Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.9AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•21 views

Microsoft Visio Viewer VSD File Format CVE-2012-0020 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20287EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•18 views

Microsoft Visio Viewer VSD File Format CVE-2012-0138 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20124EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•26 views

Microsoft Internet Explorer Use-After-Free Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability because of a use-after-free error in the 'Mshtml.dll' library. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromi...

8AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•29 views

Microsoft Visio Viewer VSD File Format CVE-2012-0137 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20124EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•70 views

Oracle Java SE Remote Java Runtime Environment Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code execution vulnerability in Java Runtime Environment. An attacker can exploit this issue to bypass the Java sandbox restriction and execute arbitrary code. This vulnerability affects the following supported versions: 7 Update 2, 6 Update 30, 5.0...

10CVSS0.1AI score0.98113EPSS
Exploits13References7Affected Software42
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•53 views

Microsoft Windows Ancillary Function Driver CVE-2012-0149 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...

7.2CVSS0.6AI score0.01585EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•33 views

Microsoft Internet Explorer CVE-2012-0010 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability because it fails to adequately validate user-supplied data during copy and paste operations. An attacker can exploit this issue to view content from a browser window in another domain or securi...

4.3CVSS6.1AI score0.14099EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•31 views

Microsoft Silverlight & .NET Framework Unmanaged Objects Remote Code Execution Vulnerability

Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

0.5AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•43 views

Microsoft SharePoint 'inplview.aspx' Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.9AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•24 views

Microsoft Internet Explorer Null Byte Handling Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to an information-disclosure vulnerability. An attacker can exploit this issue to view content from the Internet Explorer's process memory. This may allow the attacker to obtain sensitive information or aid in further attacks. Technologies Affected...

7AI score
Exploits0Affected Software6
Total number of security vulnerabilities6867