Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2012/02/14 12:0 a.m.•16 views

Microsoft Windows ASX File Parsing Remote Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability when handling a specially crafted media file. An attacker can exploit this issue by enticing an unsuspecting user to view a webpage containing malicious content or to open a malicious media file. Successful exploits...

0.3AI score
Exploits0References2Affected Software8
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•16 views

Microsoft Visio Viewer VSD File Format CVE-2012-0019 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20287EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•24 views

Microsoft SharePoint 'themeweb.aspx' Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.9AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•19 views

Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

Exploits0Affected Software12
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•46 views

Microsoft Windows Ancillary Function Driver CVE-2012-0148 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...

7.2CVSS0.1AI score0.0166EPSS
Exploits0Affected Software7
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•24 views

Microsoft Visio Viewer VSD File Format CVE-2012-0136 Remote Code Execution Vulnerability

Description Microsoft Visio Viewer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.2AI score0.20124EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2012/02/14 12:0 a.m.•28 views

Microsoft Internet Explorer CVE-2012-0155 VML Handling Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise the application and possibly the underlying computer. Faile...

9.3CVSS0.1AI score0.65501EPSS
Exploits1References1Affected Software6
Symantec
Symantec
•added 2012/01/24 8:0 a.m.•32 views

Symantec pcAnywhere Multiple Security Updates

SUMMARY Symantec pcAnywhere is susceptible to local file tampering elevation of privilege attempts and remote code execution attempts. It is possible to run arbitrary code on a targeted system in the context of the application which is normally System. Symantec pcAnywhere is also susceptible to...

10CVSS0.2AI score0.39308EPSS
Exploits13Affected Software1
Symantec
Symantec
•added 2012/01/16 8:0 a.m.•35 views

Symantec Endpoint Protection Manager Cross-Site Request Forgery and Cross-Site Scripting

SUMMARY Symantec Endpoint Protection Manager 12.1 web console is susceptible to cross-site scripting and cross-site request forgery that could potentially lead to arbitrary code execution. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|--- Symantec Endpoint Protection | 12.1 ...

6.8CVSS0.2AI score0.01328EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•37 views

Microsoft Windows Media Player 'winmm.dll' MIDI File Parsing Remote Buffer Overflow Vulnerability

Description Microsoft Windows Media Player is prone to a remote heap-based buffer-overflow vulnerability when handling specially crafted media content. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to...

9.3CVSS7.1AI score0.69499EPSS
Exploits12References2Affected Software14
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•21 views

Microsoft AntiXSS Library Sanitization Module Security Bypass Vulnerability

Description Microsoft Anti-Cross Site Scripting AntiXSS Library is prone to a security-bypass vulnerability that affects the sanitization module. An attacker can exploit this vulnerability to bypass the filter and conduct cross-site scripting attacks. Successful exploits may allow attackers to...

7AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•28 views

Microsoft DirectX DirectShow Filters Remote Code Execution Vulnerability

Description Microsoft DirectX is prone to a remote code-execution vulnerability. Successful exploits allow remote attackers to execute arbitrary code in the context of the user running an application that uses DirectX. Failed exploit attempts will result in a denial-of-service condition...

7.9AI score
Exploits0References1Affected Software16
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•37 views

Microsoft Windows CSRSS CVE-2012-0005 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

6.9CVSS0.01797EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•27 views

Microsoft Windows Object Packager Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affect...

7.9AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•29 views

Microsoft Windows ClickOnce Application Installer Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malformed file. Successful exploits can allow attackers to execute arbitrary code within the privileges of the user running the...

Exploits0References2Affected Software12
Symantec
Symantec
•added 2012/01/10 12:0 a.m.•43 views

Microsoft Windows Kernel CVE-2012-0001 SafeSEH Security Bypass Vulnerability

Description Microsoft Windows is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the SafeSEH security mechanism. This may allow the attacker to execute arbitrary code by leveraging memory corruption vulnerabilities in Windows applications. Technologies...

9.3CVSS0.5AI score0.09554EPSS
Exploits0References1Affected Software7
Symantec
Symantec
•added 2012/01/01 12:0 a.m.•34 views

Cisco Video Communications Server CVE-2011-2538 Unspecified Remote Command Execution Vulnerability

Description Cisco Video Communications Server is prone to an unspecified remote command-execution vulnerability because it fails to sufficiently validate user-input supplied. An attacker may exploit this issue to execute arbitrary commands within the context of the affected application,this may a...

1.3AI score0.02567EPSS
Exploits0References2
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•22 views

Microsoft Internet Explorer XSS Filter Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability that affects the XSS Filter. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. Successful exploits will allow attackers to...

0.2AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•38 views

Microsoft Windows Kernel Invalid Trap-Frame CVE-2011-2018 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers...

7.2CVSS7AI score0.02088EPSS
Exploits1Affected Software9
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•25 views

Microsoft Word Access Violation Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

1AI score
Exploits0Affected Software2
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•32 views

Microsoft Active Directory CVE-2011-3406 Buffer Overflow Vulnerability

Description Microsoft Active Directory is prone to a buffer-overflow vulnerability. Successful exploits can allow attackers to execute arbitrary code with Network Service privileges. Failed exploit attempts may result in a denial-of-service condition. Technologies Affected Avaya Aura Conferencing...

9CVSS7.1AI score0.23297EPSS
Exploits1Affected Software9
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•27 views

Microsoft Internet Explorer CVE-2011-2019 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic...

9.3CVSS6.6AI score0.12971EPSS
Exploits0References4Affected Software6
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•13 views

Microsoft Publisher Invalid Pointer Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

0.3AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•14 views

Microsoft Windows Time Component Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the Microsoft Time component. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within...

8AI score
Exploits0References2Affected Software10
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•27 views

Microsoft Internet Explorer CVE-2011-3404 Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a page containing malicious content. Successful exploits will allow attackers to view potentially sensitive...

4.3CVSS0.2AI score0.1428EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•25 views

Microsoft Publisher (CVE-2011-3412) Remote Memory Corruption Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

9.3CVSS7.3AI score0.26683EPSS
Exploits1References1Affected Software1
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•39 views

Microsoft PowerPoint CVE-2011-3396 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft PowerPoint is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link...

9.3CVSS0.1AI score0.21907EPSS
Exploits1References5Affected Software1
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•30 views

Microsoft Windows CSRSS CVE-2011-3408 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with administrator privileges. Successful exploits will result in the complete compromise of affected computers. Technologies Affected Avaya Aura...

7.2CVSS0.1AI score0.01791EPSS
Exploits1Affected Software12
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•28 views

Microsoft Excel CVE-2011-3403 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a memory-corruption error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

9.3CVSS1.8AI score0.20786EPSS
Exploits1References1Affected Software2
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•13 views

Microsoft Windows Media Player And Media Center '.dvr-ms' Files Remote Code Execution Vulnerability

Description Microsoft Windows Media Player and Windows Media Center are prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a malicious file with the vulnerable application. A successful exploit will allow arbitrary code...

0.7AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•26 views

Microsoft PowerPoint OfficeArt Shape CVE-2011-3413 Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Technologies Affected Microsoft Office 2008 for Mac Microsoft Office Compatibility Pack 2007...

9.3CVSS0.4AI score0.20205EPSS
Exploits1References2Affected Software4
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•17 views

Microsoft Publisher Out of Bound Array Index Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

8AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•32 views

Microsoft Pinyin IME (CVE-2011-2010) Local Privilege Escalation Vulnerability

Description Microsoft Pinyin IME is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may...

7.2CVSS1.4AI score0.01801EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2011/12/13 12:0 a.m.•44 views

Microsoft Windows OLE Property CVE-2011-3400 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS7AI score0.71722EPSS
Exploits11Affected Software1
Symantec
Symantec
•added 2011/12/06 12:0 a.m.•75 views

Adobe Acrobat and Reader U3D Memory Corruption Vulnerability

Description Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions. Technologies...

8.2AI score
Exploits0References1Affected Software15
Symantec
Symantec
•added 2011/11/09 12:0 a.m.•30 views

Adobe Flash Player CVE-2011-2452 Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to an unspecified remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions...

10CVSS0.6AI score0.05847EPSS
Exploits0References1Affected Software11
Symantec
Symantec
•added 2011/11/08 12:0 a.m.•21 views

Microsoft Windows TCP/IP Stack Reference Counter Integer Overflow Vulnerability

Description Microsoft Windows is prone to a remote integer-overflow vulnerability that affects the TCP/IP stack. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts ma...

0.1AI score
Exploits0References1Affected Software8
Symantec
Symantec
•added 2011/11/08 12:0 a.m.•29 views

Microsoft Active Directory LDAPS Authentication Bypass Vulnerability

Description Microsoft Active Directory is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions by using a revoked certificate. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0...

7.2AI score
Exploits0Affected Software20
Symantec
Symantec
•added 2011/11/08 12:0 a.m.•36 views

Microsoft Windows Kernel TrueType Font Parsing (CVE-2011-2004) Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability that occurs in the Windows kernel 'Win32k.sys' kernel-mode device driver. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Avaya Aura...

7.1CVSS6.3AI score0.24623EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2011/11/01 12:0 a.m.•18 views

Microsoft Windows 'Win32k.sys' TrueType Font Handling Remote Code Execution Vulnerability

Description Microsoft Windows kernel is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into opening a specially malformed TrueType font. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

7.9AI score
Exploits0References6Affected Software24
Symantec
Symantec
•added 2011/10/18 12:0 a.m.•125 views

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

10CVSS0.8AI score0.96714EPSS
Exploits24References3Affected Software67
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Internet Explorer Uninitalized Object CVE-2011-1993 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.17574EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•24 views

Microsoft Forefront Unified Access Gateway (CVE-2011-1897) Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because Web Monitor fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

4.3CVSS6.2AI score0.08397EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•17 views

Microsoft Windows Kernel 'Win32k.sys' TrueType Font File Remote Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Avaya CallPilot 4.0 Avaya CallPilot 5.0 Avaya...

0.1AI score
Exploits0Affected Software14
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•35 views

Microsoft Internet Explorer 'Jscript9.dll' CVE-2011-1998 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS0.21228EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1985) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.2AI score0.02386EPSS
Exploits5Affected Software21
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•13 views

Microsoft Forefront Unified Access Gateway 'MicrosoftClient.Jar' Remote Code Execution Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a remote code-execution vulnerability. Successful exploits will allow attackers to execute arbitrary code in the context of the logged-in user. Technologies Affected Microsoft Forefront Unified Access Gateway 2010 Microsoft...

1.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•33 views

Microsoft Internet Explorer Virtual Function Table CVE-2011-2001 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.43125EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•31 views

Microsoft Forefront Unified Access Gateway Null Session Cookie Denial of Service Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the web server of the affected application, denying service to legitimate users. Technologies Affected Microsoft Forefront Unified Access Gateway...

1.8AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•15 views

Microsoft Silverlight & .NET Framework Inheritance Restriction Remote Code Execution Vulnerability

Description Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service...

0.5AI score
Exploits0Affected Software6
Total number of security vulnerabilities6867