Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2011/04/12 12:0 a.m.•15 views

Microsoft PowerPoint Invalid 'TimeColorBehaviorContainer' Record Remote Code Execution Vulnerability

Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application...

0.1AI score
Exploits0References3Affected Software4
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•43 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1227) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•17 views

Microsoft Internet Explorer JavaScript Cross Domain Information Disclosure Vulnerability

Description Microsoft Internet Explorer is prone to a cross-domain information-disclosure vulnerability, An attacker can exploit this issue to access content from a browser window in another domain or security zone. This may allow the attacker to obtain sensitive information which may aid in...

7AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•40 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0672) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•39 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0677) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•38 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1225) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•34 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1230) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01398EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•28 views

Microsoft Windows Messenger ActiveX Control Remote Code Execution Vulnerability

Description Microsoft Windows Messenger ActiveX control 'msgsc.dll' is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successful exploits will allow the attacker to execute arbitrary code...

8AI score
Exploits0References2Affected Software7
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•23 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0676) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a NULL-pointer dereference. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01173EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•31 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-1242) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•24 views

Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

Description Microsoft Excel is prone to a buffer-overflow vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

0.7AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•16 views

Microsoft Internet Explorer Layout Handling Use After Free Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote use-after-free memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Successfully exploiting this issue may allow attackers to execute arbitrary code in t...

Exploits0References1Affected Software6
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•34 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0675) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel due to a use-after-free condition. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete...

7.2CVSS0.01434EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•20 views

Microsoft Excel Buffer Allocation Integer Overflow Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability because of an integer-overflow error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the...

7.9AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2011/04/12 12:0 a.m.•22 views

Microsoft Excel 'RealTimeData' Record Parsing Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2011/03/21 8:0 a.m.•46 views

Symantec LiveUpdate Administrator Cross-Site Request Forgery

SUMMARY Symantecs LiveUpdate Administrator LUA is susceptible to a cross-site request forgery vulnerability which could result in the execution of HTML or script code in the context of the admins browser. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec LiveUpdate Administrator...

6.8CVSS0.1AI score0.02937EPSS
Exploits3Affected Software1
Symantec
Symantec
•added 2011/03/14 12:0 a.m.•57 views

Adobe Flash Player CVE-2011-0609 'SWF' File Remote Memory Corruption Vulnerability

Description Adobe Flash Player is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Technologies...

9.3CVSS0.4AI score0.66821EPSS
Exploits8References3Affected Software12
Symantec
Symantec
•added 2011/03/08 12:0 a.m.•22 views

Microsoft Windows Media Player/Windows Media Center '.dvr-ms' File Code Execution Vulnerability

Description Microsoft Windows Media Player and Windows Media Center are prone to a remote code-execution vulnerability when handling specially crafted media content. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage or a specially crafted file...

0.4AI score
Exploits0Affected Software9
Symantec
Symantec
•added 2011/03/08 12:0 a.m.•18 views

Microsoft DirectShow DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft DirectShow is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link...

0.2AI score
Exploits0References4Affected Software8
Symantec
Symantec
•added 2011/03/08 12:0 a.m.•15 views

Microsoft Remote Desktop Connection Client DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Remote Desktop Connection client is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially...

Exploits0References4Affected Software6
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•15 views

Microsoft Windows LSASS Length Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows LSASS is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may caus...

7.8AI score
Exploits0Affected Software9
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•13 views

Microsoft Windows Kerberos Unkeyed Checksum Local Privilege Escalation Vulnerability

Description The Microsoft Windows implementation of Kerberos is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting these issues will result in the complete compromise of affect...

7.8AI score
Exploits0Affected Software7
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•40 views

Microsoft Windows CSRSS (CVE-2011-0030) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to retain certain processes that may aid in attacks against subsequent users. Successfully exploiting this issue may aid in the complete compromise of affected computers...

4.7CVSS1AI score0.01764EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•18 views

Microsoft Windows OpenType Compact Font Format Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability that affects the OpenType Compact Font Format CFF driver. An attacker can exploit this issue to execute arbitrary code in kernel mode. Successful exploits will completely compromise an affected computer. Failed attemp...

7.9AI score
Exploits0References1Affected Software13
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•22 views

Microsoft Windows Kernel Integer Truncation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause a...

7.9AI score
Exploits0References1Affected Software6
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•11 views

Microsoft Windows Kernel 'Win32k.sys' Pointer Validation Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Exploits0Affected Software8
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0090) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS0.02078EPSS
Exploits0Affected Software8
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•32 views

Microsoft Visio Object Memory Corruption (CVE-2011-0092) Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in a...

9.3CVSS0.8AI score0.24225EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•30 views

Microsoft Windows Kerberos Encryption Standard Spoofing Vulnerability

Description The Microsoft Windows implementation of Kerberos is prone to a security vulnerability that may allow attackers to downgrade the cipher suite. Successful exploits may allow attackers to change the default encryption standard to DES. This may allow attackers to read and forge all Kerber...

7.2AI score
Exploits0Affected Software7
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•27 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0088) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS7AI score0.01831EPSS
Exploits0Affected Software15
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•36 views

Microsoft VBScript and JScript Scripting Engines Information Disclosure Vulnerability

Description Microsoft VBScript and JScript scripting engines are prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to gain access to sensitive information that may aid in further attacks. Attackers can exploit this issue by enticing an unsuspecting user to...

0.3AI score
Exploits0Affected Software3
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•35 views

Microsoft Internet Explorer CVE-2011-0035 Uninitialized Memory Remote Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

9.3CVSS7AI score0.19535EPSS
Exploits0Affected Software6
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•18 views

Microsoft Internet Explorer 'mshtml.dll' Dangling Pointer Vulnerability

Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Aura...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•21 views

Microsoft Visio Data Type Memory Corruption (CVE-2011-0093) Remote Code Execution Vulnerability

Description Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a...

9.3CVSS0.7AI score0.19535EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•30 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0087) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS7AI score0.01831EPSS
Exploits0Affected Software8
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•29 views

Microsoft Windows Kernel 'Win32k.sys' (CVE-2011-0086) Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

7.2CVSS0.01676EPSS
Exploits0Affected Software8
Symantec
Symantec
•added 2011/02/08 12:0 a.m.•13 views

Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Internet Explorer is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic...

7.3AI score
Exploits0References4Affected Software6
Symantec
Symantec
•added 2011/01/26 8:0 a.m.•27 views

Symantec Intel Alert Management System Multiple Code Execution Issues

SUMMARY Symantec was notified of multiple instances of failure to properly handle user input in the Third Party Intel Alert Management System AMS2 which could result in arbitrary code execution. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec AntiVirus Corporate Edition Server...

7.9CVSS0.4AI score0.0513EPSS
Exploits12Affected Software1
Symantec
Symantec
•added 2011/01/26 8:0 a.m.•30 views

Multiple Symantec Intel Alert Management System Arbitrary Message Creation or Denial of Service

SUMMARY Symantec was notified of a improper message handling procedures in the Intel Alert Management System AMS2 that can be used to send arbitrary messages or kill the Intel Alert Handler service. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec AntiVirus Corporate Edition...

9.3CVSS0.5AI score0.34516EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/01/12 8:0 a.m.•38 views

Symantec Web Gateway Blind SQL Injection

SUMMARY Symantecs Web Gateway management GUI is susceptible to a blind SQL injection attack which could result in injection of arbitrary code into the backend database. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Web Gateway | 4.5 | Apply DB update 4.5.0.376 ISSUES Severit...

7.5CVSS0.3AI score0.02364EPSS
Exploits1Affected Software1
Symantec
Symantec
•added 2011/01/11 12:0 a.m.•30 views

Microsoft Data Access Components Data Source Name Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will...

7.8AI score
Exploits0Affected Software6
Symantec
Symantec
•added 2011/01/04 12:0 a.m.•17 views

Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user to open a...

7.9AI score
Exploits0References2Affected Software8
Symantec
Symantec
•added 2010/12/26 12:0 a.m.•14 views

Microsoft Windows Fax Cover Page Editor Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. The issue affects the Windows Fax Cover Page Editor component fxscover.exe. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Fax Cover Page file. Successfully...

8AI score
Exploits0References1Affected Software16
Symantec
Symantec
•added 2010/12/22 12:0 a.m.•12 views

Microsoft WMI Administrative Tools ActiveX Control Remote Code Execution Vulnerability

Description Microsoft WMI Administrative Tools is prone to a remote code-execution vulnerability that affects the WMI Object Viewer 'WBEMSingleView.ocx' ActiveX control. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow...

7.9AI score
Exploits0References3Affected Software11
Symantec
Symantec
•added 2010/12/15 8:0 a.m.•26 views

Symantec Endpoint Protection File Overwrite

SUMMARY Symantec Endpoint Protection SEP Manager reporting module allows a php file overwrite from an authorized client that could potentially allow execution of arbitrary code on the server-side. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Symantec Endpoint Protection | 11.x |...

7.5CVSS0.7AI score0.05048EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•23 views

Microsoft Internet Explorer Select HTML Element Use-After-Free Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will cause denial-of-service conditions. Technologies Affected Avaya Au...

Exploits0Affected Software6
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•33 views

Microsoft Publisher (CVE-2010-3954) Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

9.3CVSS7.3AI score0.20833EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•25 views

Microsoft Office CGM Image Converter (CVE-2010-3945) Buffer Overflow Vulnerability

Description Microsoft Office is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted...

9.3CVSS0.8AI score0.25106EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•18 views

Microsoft Publisher Size Value Heap Memory Corruption Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...

Exploits0Affected Software1
Symantec
Symantec
•added 2010/12/14 12:0 a.m.•27 views

Microsoft Office TIFF Image Converter (CVE-2010-3950) Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted Tagged Image File Format TIFF image. Successfully exploiting this issue allows...

9.3CVSS1.1AI score0.20833EPSS
Exploits1Affected Software1
Total number of security vulnerabilities6867