Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2011/10/11 12:0 a.m.•30 views

Microsoft Forefront Unified Access Gateway (CVE-2011-1895) HTTP Response Splitting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could ai...

4.3CVSS0.1AI score0.11137EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•37 views

Microsoft Windows AFD Driver CVE-2011-2005 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

7.2CVSS7.8AI score0.31761EPSS
Exploits12Affected Software5
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•32 views

Microsoft Internet Explorer OnLoad Event CVE-2011-1997 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.14476EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•29 views

Microsoft Internet Explorer Option Element CVE-2011-1996 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS6.9AI score0.60456EPSS
Exploits5References1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•22 views

Microsoft Forefront Unified Access Gateway (CVE-2011-1896) Cross-Site Scripting Vulnerability

Description Microsoft Forefront Unified Access Gateway is prone to a cross-site scripting vulnerability because Web Monitor fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

4.3CVSS6.2AI score0.08256EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•28 views

Microsoft Internet Explorer 'OLEAuto32.dll' CVE-2011-1995 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.28901EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•39 views

Microsoft Windows Kernel '.fon' Font File Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue by tricking an unsuspecting victim into viewing a malformed file on a remote network share. Successful exploits can allow attackers to execute arbitrary code with kernel-level...

9.3CVSS0.1AI score0.27772EPSS
Exploits4References2Affected Software18
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•22 views

Microsoft Windows Media Center DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Windows is prone to an arbitrary-code-execution vulnerability that affects the Media Center. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. Technologies Affected Microsoft Windows 7 for 32-bit...

0.7AI score
Exploits0References4Affected Software2
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•25 views

Microsoft Windows Active Accessibility DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Windows is prone to an arbitrary-code-execution vulnerability that affects the Active Accessibility component. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. Technologies Affected Avaya Aura...

Exploits0References3Affected Software9
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•45 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-2011) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.2AI score0.01787EPSS
Exploits1Affected Software20
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•29 views

Microsoft Internet Explorer 'SwapNode()' CVE-2011-2000 Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aur...

9.3CVSS7AI score0.18886EPSS
Exploits1References1Affected Software6
Symantec
Symantec
•added 2011/10/11 12:0 a.m.•32 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1985) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference error. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the...

7.2CVSS0.2AI score0.02386EPSS
Exploits5Affected Software21
Symantec
Symantec
•added 2011/10/06 8:0 a.m.•52 views

Multi-Vendor Autonomy Verity Keyview Filter Multiple Issues

SUMMARY Multiple sources have identified several security issues in Autonomys Verity Keyview Content Filter libraries. Symantec has updated the Keyview modules being shipped with Symantec products to address these issues. AFFECTED PRODUCTS Product | Version | Build | Solutions ---|---|---|---...

9.3CVSS0.32961EPSS
Exploits11Affected Software1
Symantec
Symantec
•added 2011/09/29 8:0 a.m.•20 views

Symantec IM Manager Administrator Console Multiple Issues

SUMMARY Symantec IM Manager is vulnerable to Code Injection, Cross-Site Scripting and SQL Injection. Successful exploitation of these vulnerabilities could result in injection/execution of arbitrary code in the context of the browser or the application. AFFECTED PRODUCTS Product | Version |...

7.5CVSS0.2AI score0.03721EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•15 views

Microsoft SharePoint Contact Details Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

6.9AI score
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•37 views

Microsoft Excel Array Index CVE-2011-1990 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...

9.3CVSS0.4AI score0.20486EPSS
Exploits0Affected Software3
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•17 views

Microsoft Excel Array Indexing 'iax' Field Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...

0.1AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•27 views

Microsoft SharePoint XML Handling Remote File Disclosure Vulnerability

Description Microsoft SharePoint is prone to a vulnerability that lets attackers access local files. An attacker can exploit this vulnerability to retrieve local files from a vulnerable computer in the context of the vulnerable service. Information obtained may aid in further attacks. Technologie...

0.4AI score
Exploits0References1Affected Software10
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•35 views

Microsoft SharePoint Calendar CVE-2011-0653 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.2AI score0.16912EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•42 views

Microsoft Excel Malformed Record CVE-2011-1988 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...

9.3CVSS0.2AI score0.18609EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•36 views

Microsoft SharePoint 'EditForm.aspx' CVE-2011-1890 Script Injection Vulnerability

Description Microsoft SharePoint is prone to a script-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow...

4.3CVSS6.5AI score0.19769EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•35 views

Microsoft Office 'MSO.dll' Uninitialized Pointer (CVE-2011-1982) Remote Code Execution Vulnerability

Description Microsoft Office is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

9.3CVSS0.9AI score0.27697EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•36 views

Microsoft Excel Conditional Expression CVE-2011-1989 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...

9.3CVSS0.1AI score0.21135EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•41 views

Microsoft SharePoint CVE-2011-1893 Cross Site Scripting Vulnerability

Description Microsoft SharePoint is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may...

4.3CVSS6.4AI score0.16774EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•49 views

Microsoft Excel Malformed Object CVE-2011-1986 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers could exploit this issue by enticing victims to open a maliciously crafted Excel file. Successful exploits will allow attackers to execute arbitrary code with the privileges of the user running the applicatio...

9.3CVSS1.2AI score0.21507EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/09/13 12:0 a.m.•34 views

Microsoft Office Shared Component CVE-2011-1980 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Office is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Libra...

9.3CVSS2.2AI score0.10383EPSS
Exploits0References4Affected Software1
Symantec
Symantec
•added 2011/08/10 8:0 a.m.•183 views

Symantec Endpoint Protection Manager Cross-Site Request Forgery and Cross-Site Scripting

SUMMARY The web console in the Symantec Endpoint Protection Manager 11.0 RU6 and maintenance packs based on RU6 are vulnerable to instances of cross-site scripting and cross-site request forgery that could lead to arbitrary code execution. AFFECTED PRODUCTS Product | Version | Build | Solutions...

6.8CVSS0.2AI score0.01328EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•43 views

Microsoft Remote Desktop Protocol CVE-2011-1968 Denial of Service Vulnerability

Description Microsoft Remote Desktop Protocol is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to shut down or restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya CallPilot 4.0 Avaya CallPilot 5.0 Avaya...

7.1CVSS6.5AI score0.25708EPSS
Exploits1Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•24 views

Microsoft Windows CSRSS CVE-2011-1967 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.01707EPSS
Exploits0Affected Software7
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•35 views

Microsoft Visio CVE-2011-1979 Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS1.1AI score0.22201EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•15 views

Microsoft Windows DNS Server Uninitialized Memory Remote Denial of Service Vulnerability

Description The Microsoft Windows DNS Server is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the DNS server service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Windows Server 2003 Datacenter Edition...

7.3AI score
Exploits0Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•17 views

Microsoft Internet Explorer Style Object Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura...

0.1AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•52 views

Microsoft Windows TCP/IP ICMP CVE-2011-1871 Remote Denial Of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to restart the affected system, therefore denying service to legitimate users. Technologies Affected Avaya Conferencing Standard Edition 6.0 Avaya Conferencing Standard Edition 6...

7.8CVSS0.7AI score0.38461EPSS
Exploits1References1Affected Software3
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•35 views

Microsoft Windows NDISTAPI CVE-2011-1974 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.2CVSS0.3AI score0.06983EPSS
Exploits4Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•37 views

Microsoft Visio CVE-2011-1972 Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected...

9.3CVSS0.7AI score0.22201EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•23 views

Microsoft Internet Explorer Window Open Race Condition Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•19 views

Microsoft Windows Data Access Component DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Windows is prone to an arbitrary-code-execution vulnerability that affects the Data Access Component. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application. Technologies Affected Avaya Aura Conferenci...

7.8AI score
Exploits0References6Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•13 views

Microsoft Visual Studio Report Viewer Control Multiple Cross Site Scripting Vulnerabilities

Description Microsoft Visual Studio is prone to multiple cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site...

6.8AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•42 views

Microsoft Windows Kernel CVE-2011-1971 Remote Denial of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. A remote attacker can exploit this issue to crash the Windows kernel, denying service to legitimate users. Technologies Affected Avaya Aura Conferencing 6.0 Standard Microsoft Windows 7 for 32-bit Systems Microsof...

4.7CVSS6.4AI score0.03019EPSS
Exploits1Affected Software3
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•12 views

Microsoft .NET Framework 'System.Net.Sockets' Namespace Security Bypass Vulnerability

Description The Microsoft .NET Framework is prone to a security-bypass vulnerability. Attackers can exploit this issue to perform denial-of-service attacks, scan network resources, and obtain potentially sensitive information that was not intended to be disclosed. Technologies Affected Avaya Aura...

0.3AI score
Exploits0Affected Software5
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•22 views

Microsoft Internet Explorer XSLT Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed attacks may cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•19 views

Microsoft Internet Explorer Shift JIS Character Encoding Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that m...

6.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•38 views

Microsoft Windows TCP/IP QOS CVE-2011-1965 Remote Denial Of Service Vulnerability

Description Microsoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to restart the affected system, therefore denying service to legitimate users. Technologies Affected Microsoft Windows 7 for 32-bit Systems Microsoft Windows 7 for 32-bit Systems...

7.1CVSS1.2AI score0.24935EPSS
Exploits5Affected Software2
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•16 views

Microsoft .NET Framework Chart Control Information Disclosure Vulnerability

Description The Microsoft .NET Framework is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by submitting a specially crafted request to a vulnerable...

2.4AI score
Exploits0References1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•21 views

Microsoft Windows DNS Server NAPTR Query Remote Heap Memory Corruption Vulnerability

Description The Microsoft Windows DNS Server is prone to a remote heap-based memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Technologies...

Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•40 views

Microsoft Remote Desktop Web Access CVE-2011-1263 Cross Site Scripting Vulnerability

Description Microsoft Remote Desktop Web Access is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

4.3CVSS6.4AI score0.15242EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•18 views

Microsoft Internet Explorer Telnet URI Handler Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a vulnerability that lets attackers execute arbitrary remote code. An attacker can exploit this issue by enticing a legitimate user to use a vulnerable version of the application to access an HTML file from a network share location that contains...

7.5AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/08/09 12:0 a.m.•12 views

Microsoft Internet Explorer Event Handlers Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability. An attacker can exploit this issue to access local files or content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information that m...

6.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/07/27 12:0 a.m.•35 views

Drupal Core CVE-2011-2726 Access Bypass Vulnerability

Description Drupal is prone to an access-bypass vulnerability. Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. Drupal 7.0 through 7.4 are vulnerable. Technologies Affected Drupal Drupal 7.0 Drupal Drupal 7.1 Drupal...

1.9AI score0.01598EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/07/12 12:0 a.m.•17 views

Microsoft Windows CSRSS 'SrvWriteConsoleOutputString()' Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Technologies Affected...

7.8AI score
Exploits0References1Affected Software7
Total number of security vulnerabilities6867