27 matches found
CVE-2009-1429
CVE-2009-1429 affects the Intel LANDesk Common Base Agent (CBA) used by Symantec products in the AMS2/Symantec System Center stack. A crafted packet could be interpreted as a command to be launched in a new process via CreateProcessA, enabling remote execution of arbitrary commands with SYSTEM pr...
CVE-2004-0375
The vulnerability CVE-2004-0375 affects SYMNDIS.SYS in multiple Symantec firewall/Norton products (Norton Internet Security, Norton Personal Firewall, Client Firewall 5.x, Client Security 1.x) where parsing TCP options can trigger an infinite loop and a denial of service. Specifically, sending a ...
CVE-2007-3699
CVE-2007-3699 affects the Decomposer component in multiple Symantec products, enabling remote attackers to trigger a denial of service (infinite loop) by crafting the PACK_SIZE field in a RAR header. Connected Nessus entries reiterate this as part of “Symantec Mail Security Engine/Scanner” vulner...
CVE-2004-0444
CVE-2004-0444 involves SYMDNS.SYS in Symantec/Norton firewall and security products (consumer and corporate) and affects NBNS/DNS processing. A remote, unauthenticated attacker can trigger a stack overflow via a manipulated NBNS length field, a heap corruption in NBNS responses, or a DNS processi...
CVE-2009-1431
Symantec Alert Management System (AMS2) Intel File Transfer service (XFR.EXE) is affected. A design flaw allows remote code execution by an unauthenticated attacker who places code on a share or WebDAV server and then sends the UNC path to the XFR.EXE service. Impact can affect Symantec System Ce...
CVE-2009-1432
CVE-2009-1432 affects Symantec Reporting Server, used with Symantec AntiVirus Corporate Edition, Symantec Client Security, and Symantec Endpoint Protection Manager. A URL handling error in the Reporting Server login page allows remote attackers to display arbitrary text via a crafted link, enabli...
CVE-2007-0447
The CVE-2007-0447 entry corresponds to a heap-based buffer overflow in the Decomposer used by Symantec products (notably Symantec Antivirus Scan Engine / Mail Security for Exchange/Domino) when processing crafted CAB archives, enabling remote code execution. Connected details corroborate: a heap ...
CVE-2007-3022
Symantec Reporting Server (versions affected: 1.0.197.0 up to 1.0.224.0), used with Symantec Client Security 3.1 and SAV CE 10.1, discloses the password hash for a user after a failed login. This plaintext-like disclosure enables brute-force attempts and could let an attacker gain access to the R...
CVE-2006-4855
The CVE-2006-4855 family concerns the Symantec Norton products (Norton Personal Firewall 2006 9.1.0.33 and related Norton Personal Firewall/Internet Security/AntiVirus/Symantec client products; Symantec Host) where the \Device\SymEvent driver (and related SYMTDI.SYS) is vulnerable to local privil...
CVE-2007-1793
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 (versions 9.1.0.33 and 9.1.1.7) does not validate certain arguments passed to hooked SSDT function handlers, allowing local users to crash the system or potentially execute arbitrary code via crafted arguments to NtCreateMutant and NtOpenEven...
CVE-2007-3021
Symantec Reporting Server before 1.0.224.0 (used with SCS 3.1 and SAV CE 10.1+) fails to initialize a critical variable during data export, allowing an attacker to manipulate the exported file to create arbitrary executable files. This could lead to remote code execution in the web server context...
CVE-2009-1430
CVE-2009-1430 describes multiple stack-based buffer overflows in the IAO.EXE component of the Intel Alert Originator Service used by Symantec Alert Management System 2 (AMS2). The underlying fault is a boundary/stack overflow in the MsgSys.exe path that can be triggered by either a crafted networ...
CVE-2005-0249
Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...
CVE-2007-3771
Symantec CVE-2007-3771 describes a stack-based overflow in Internet Email Auto-Protect of Symantec AntiVirus Corporate Edition (pre-10.1) and Client Security (pre-3.1). The vulnerability allows a local user to crash the real-time Internet Email scanning service by sending an outbound SMTP message...
CVE-2006-3455
The vulnerability CVE-2006-3455 affects the SAVRT.SYS device driver in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1 and 2.0.x up to 2.0.3. A local attacker can execute arbitrary code by supplying a crafted address for the DeviceIOControl output ...
CVE-2010-0108
The CVE-2010-0108 issue is a buffer overflow in the Symantec Client Proxy ActiveX (CLIproxy.dll). Affected products include Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4, plus Symantec Client Security 3.0.x and 3.1.x before MR9. The underlying cause is insufficient boundary ...
CVE-2007-3673
Summary of CVE-2007-3673 (Symantec SYMTDI.SYS Local Privilege Escalation) A memory overwrite vulnerability exists in the SYMTDI.SYS device driver when processing IOCTL 0x83022323 to the \symTDI\ interface. This allows a local attacker to gain elevated privileges (SYSTEM) on affected systems. Affe...
CVE-2004-0445
The CVE-2004-0445 issue affects Symantec Symantec Norton Internet Security/Professional (2002–2004), Norton Personal Firewall (2002–2004), Norton AntiSpam 2004, and corporate products Client Firewall 5.01/5.1.1 and Client Security 1.0–2.0, via the SYMDNS.SYS DNS/NBNS processing driver. A speciall...
CVE-2010-0106
CVE-2010-0106 affects Symantec AntiVirus 10.0.x/10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x/3.1.x before MR9. When Tamper Protection is disabled, remote attackers could cause a denial of service by triggering events that prevent the user from reading unspecified resources and t...
CVE-2007-1476
The vulnerability CVE-2007-1476 affects the Symantec SYMTDI.SYS device driver in Norton products (Norton Personal Firewall 2006 9.1.1.7 and earlier; Internet Security 2005/2006; AntiVirus Corporate Edition 3.0.x–10.1.x) and related Norton products. A local attacker can cause a denial of service (...
CVE-2006-2630
Summary: CVE-2006-2630 is a stack-based buffer overflow in Symantec Antivirus 10.1 and Symantec Client Security 3.1 that can allow remote code execution. The vulnerability arises in the Real-Time Scan Service and related components (Log Forwarding) and is triggered via insufficient input validati...
CVE-2007-3095
The vulnerability CVE-2007-3095 affects Symantec Reporting Server versions prior to 1.0.224.0 (including 1.0.197.0) as used with Symantec Client Security 3.1+ and SAV CE 10.1+. The issue is an authentication bypass that allows an attacker to disable authentication and access restricted functional...
CVE-2006-3454
CVE-2006-4802 details a second format string vulnerability in the Real Time Virus Scan service and alert notification path of Symantec Antivirus Corporate Edition 8.1–10.0 and Symantec Client Security 1.x–3.0 (a vector distinct from CVE-2006-3454). Local users can potentially execute arbitrary co...
CVE-2007-3800
Summary : CVE-2007-3800 affects Symantec Antivirus Corporate Edition (9.0–10.1) and Symantec Client Security (2.0–3.1). The vulnerability lies in the Real-Time scanner RTVScan component where, if the Notification Message window is enabled, a local attacker can craft code to gain privileges. The c...
CVE-2009-3104
Technical details about CVE-2009-3104 are not publicly available in the provided documents. Monitor for updates from vendors and security advisories.
CVE-2010-0107
VUPEN and security docs confirm a buffer overflow in SYMLTCOM.dll (ActiveX) affecting Symantec/Norton products across N360 1.0–2.0, Norton Internet Security, AntiVirus, SystemWorks and Confidential 2006–2008, and Symantec Client Security 3.0.x before 3.1 MR9 and 3.1.x before MR9. The overflow occ...
CVE-2006-4802
CVE-2006-4802 describes a format string vulnerability in the Real Time Virus Scan service of Symantec AntiVirus Corporate Edition (8.1–10.0) and Client Security (1.x–3.0). The flaw allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, noted...