Lucene search
K
SymantecEndpoint Protection

71 matches found

CVE
CVE
added 2020/05/11 7:25 p.m.140 views

CVE-2020-5837

CVE-2020-5837 affects Symantec Endpoint Protection (Windows Endpoint) prior to version 14.3. The issue is that logging writes to files replaced by symbolic links may bypass standard file permissions, enabling elevation of privilege. Root cause centers on improper permission handling for log files...

7.8CVSS7.5AI score0.00746EPSS
CVE
CVE
added 2012/03/21 10:0 a.m.108 views

CVE-2012-1459

CVE-2012-1459 affects multiple antivirus products including ClamAV. The issue is a vulnerability in the TAR file parser where a TAR archive entry length field could correspond to the entire entry plus part of the header of the next entry, allowing remote attackers to bypass malware detection. The...

4.3CVSS6AI score0.99809EPSS
CVE
CVE
added 2012/03/21 10:0 a.m.101 views

CVE-2012-1457

CVE-2012-1457 affects the TAR file parser in multiple antivirus products (e.g., ClamAV and others) and allows remote attackers to bypass malware detection by crafting a TAR entry whose length exceeds the TAR file size. Connected advisories confirm this issue across vendor updates (e.g., openSUSE ...

4.3CVSS6AI score0.98293EPSS
CVE
CVE
added 2019/11/15 5:41 p.m.90 views

CVE-2019-18372

CVE-2019-18372 concerns a local privilege-escalation vulnerability in Symantec Endpoint Protection (SEP) client and related components. According to Red Hat and Symantec advisories, SEP versions prior to 14.2 RU2 (and related SEPM/SMSMSE lines) are affected by privilege escalation, with attackers...

7.8CVSS7.9AI score0.00401EPSS
CVE
CVE
added 2019/07/31 5:42 p.m.86 views

CVE-2019-12750

CVE-2019-12750 affects Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SBE). Vulnerable components: SEP before 14.2 RU1 and 12.1 RU6 MP10, and SEP SBE before 12.1 RU6 MP10c (12.1.7491.7002). Root cause is a privilege-escalation vulnerability that could allow an attacker to obta...

7.8CVSS7.9AI score0.0125EPSS
CVE
CVE
added 2017/11/06 11:0 p.m.85 views

CVE-2017-6331

Symantec Endpoint Protection (SEP) up to 12.1.6 RU6 MP5 / 12.1.x before RU6 MP9 or 14.0 before RU1 is affected by CVE-2017-6331. The issue is a Tamper-Protection Bypass caused by SEP not validating WinAPI message sources (UIPI), allowing spoofed UI messages to potentially disable or bypass real‑t...

7.1CVSS6.7AI score0.01687EPSS
CVE
CVE
added 2019/11/15 5:37 p.m.85 views

CVE-2019-12758

CVE-2019-12758 affects Symantec Endpoint Protection (SEP)/SEP Manager prior to 14.2 RU2. The issue is an unsigned code execution vulnerability; a local attacker may execute code without a resident digital signature, in the context of the affected application. Documents from Red Hat and Symantec i...

7.2CVSS7.2AI score0.0066EPSS
CVE
CVE
added 2020/05/11 7:23 p.m.85 views

CVE-2020-5836

CVE-2020-5836 affects Symantec Endpoint Protection (Windows Endpoint) prior to 14.3. The vulnerability allows a limited (authenticated, local) user to reset ACLs on a file when Tamper Protection is disabled, resulting in elevation of privilege. The issue is documented in multiple sources with the...

7.8CVSS7.4AI score0.00358EPSS
CVE
CVE
added 2012/03/21 10:0 a.m.83 views

CVE-2012-1443

CVE-2012-1443 describes a bypass in the RAR file parser used by multiple antivirus products (e.g., ClamAV 0.96.4-related integrations and several vendors) where a RAR file starting with an MZ character sequence can be analyzed by user-assisted remote attackers to bypass malware detection. The evi...

4.3CVSS6.5AI score0.99636EPSS
CVE
CVE
added 2019/11/15 5:37 p.m.83 views

CVE-2019-12757

Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SEP SBE) are affected by CVE-2019-12757, a privilege-escalation flaw in versions before 14.2 RU2 and 12.1 RU6 MP10d (SEP SBE 12.1.7510.7002). The vulnerability allows an attacker with local access to elevate privileges within the ...

7.8CVSS7.9AI score0.00401EPSS
CVE
CVE
added 2009/04/29 3:0 p.m.80 views

CVE-2009-1429

CVE-2009-1429 affects the Intel LANDesk Common Base Agent (CBA) used by Symantec products in the AMS2/Symantec System Center stack. A crafted packet could be interpreted as a command to be launched in a new process via CreateProcessA, enabling remote execution of arbitrary commands with SYSTEM pr...

10CVSS7.5AI score0.8793EPSS
CVE
CVE
added 2012/03/21 10:0 a.m.78 views

CVE-2012-1461

The CVE-2012-1461 entry documents a vulnerability in the Gzip file parser used by multiple antivirus products (e.g., AVG, Bitdefender, Kaspersky, Symantec Endpoint Protection, Trend Micro, and others) that allows remote attackers to bypass malware detection by delivering a .tar.gz file containing...

4.3CVSS6.6AI score0.91746EPSS
CVE
CVE
added 2019/04/25 7:13 p.m.77 views

CVE-2018-18366

Symantec Endpoint Protection Small Business Edition ccSetx86.sys kernel driver (IOCTL 0x224844) has an information-disclosure vulnerability. A specially crafted IRP can cause the driver to return uninitialized kernel memory to a user-mode process, potentially leaking sensitive data. The issue is ...

6.5CVSS6.3AI score0.00386EPSS
CVE
CVE
added 2012/03/21 10:0 a.m.75 views

CVE-2012-1456

The CVE-2012-1456 entry concerns a vulnerability in the TAR file parser across multiple AV products (AVG, Quick Heal, Comodo, Emsisoft, eSafe, F-Prot, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee, Norman, Panda, Rising, Sophos, AVEngine 20101.3.0.103 in Symantec Endpoint Protection, Trend Micro)...

4.3CVSS6.6AI score0.99937EPSS
CVE
CVE
added 2020/01/09 7:30 p.m.75 views

CVE-2016-5311

CVE-2016-5311 describes a local privilege-escalation in multiple Symantec Norton product lines (Antivirus, Security, Internet Security, 360, Endpoint Protection, etc.) caused by DLL preloading with inadequate path restrictions. The underlying issue is improper DLL search/path handling, allowing a...

7.8CVSS7.3AI score0.00714EPSS
CVE
CVE
added 2017/11/06 11:0 p.m.71 views

CVE-2017-13680

Summary: CVE-2017-13680 affects Symantec Endpoint Protection (SEP) Windows endpoints. The vulnerability allows an attacker to perform unauthorized file deletions via the product UI. Affected versions are SEP 12.1 RU6 MP9 and SEP 14 RU1. Root cause/impact: UI-driven file deletion on the resident f...

5.5CVSS5.8AI score0.00394EPSS
CVE
CVE
added 2017/11/06 11:0 p.m.71 views

CVE-2017-13681

Symantec Endpoint Protection (SEP) is affected by CVE-2017-13681, a privilege-escalation flaw in SEP prior to 12.1 RU6 MP9. The issue requires multiple file and directory writes to the local filesystem, limiting exploit feasibility to non-drive-by scenarios. Impact is described as elevated access...

7.8CVSS7.3AI score0.00429EPSS
CVE
CVE
added 2019/11/15 4:58 p.m.70 views

CVE-2019-12756

Symantec Endpoint Protection (SEP) clients prior to 14.2 RU2 are susceptible to a local password-protection bypass (CVE-2019-12756). An authenticated local attacker could bypass the second layer of password protection and perform actions with local privileges. Connected advisories also reference ...

2.3CVSS5.2AI score0.00303EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.69 views

CVE-2016-2211

MODE C: The connected Nessus/OpenVAS entries describe CVE-2016-2211 as part of a set of vulnerabilities in Symantec products (notably the Decomposer/UNPACK engine and related parsers) affecting multiple versions of Symantec Protection for SharePoint Servers, Protection Engine, Web Gateway, and re...

9.3CVSS7.7AI score0.53402EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.68 views

CVE-2016-2209

CVE-2016-2209 is a stack-based buffer overflow in Symantec products, notably in the PPT handling path (Dec2LHA.dll) of Symantec Protection for SharePoint Servers (versions 6.0.x up to HF1.6) and related Symantec Protection Engine deployments. It arises from improper validation of user-supplied PP...

9CVSS7.7AI score0.20891EPSS
CVE
CVE
added 2009/04/29 3:0 p.m.67 views

CVE-2009-1431

Symantec Alert Management System (AMS2) Intel File Transfer service (XFR.EXE) is affected. A design flaw allows remote code execution by an unauthenticated attacker who places code on a share or WebDAV server and then sends the UNC path to the XFR.EXE service. Impact can affect Symantec System Ce...

9.3CVSS7.5AI score0.08036EPSS
Web
CVE
CVE
added 2009/04/30 8:0 p.m.67 views

CVE-2009-1432

CVE-2009-1432 affects Symantec Reporting Server, used with Symantec AntiVirus Corporate Edition, Symantec Client Security, and Symantec Endpoint Protection Manager. A URL handling error in the Reporting Server login page allows remote attackers to display arbitrary text via a crafted link, enabli...

5CVSS6.8AI score0.04225EPSS
CVE
CVE
added 2014/08/06 7:0 p.m.67 views

CVE-2014-3434

CVE-2014-3434 describes a kernel pool overflow in the Symantec Endpoint Protection (SEP) client sysplant driver. Affected products include SEP 11.x and SEP 12.x (before 12.1 RU4 MP1b) and SEP 12.1 Small Business Edition before 12.1 RU4 MP1b. The issue arises from insufficient validation of extern...

6.9CVSS7.3AI score0.01628EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.66 views

CVE-2016-3644

CVE-2016-3644 is a vulnerability in the Norton/Symantec decomposer/mime-parsing path (CMIMEParser::UpdateHeader) that can be triggered by specially crafted MIME data, potentially leading to memory corruption, a denial of service, or arbitrary code execution. The linked Nessus/OpenVAS entries tie ...

10CVSS7.8AI score0.17739EPSS
CVE
CVE
added 2020/02/11 5:4 p.m.66 views

CVE-2020-5823

Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SEP SBE) before 14.2 RU2 MP1 (SEP) and before 14.2.5569.2100 (SEP SBE) are affected by a privilege-escalation vulnerability. Exploitation would allow local attackers to gain elevated access. Remediation is to upgrade to SEP 14.2 R...

7.8CVSS7.9AI score0.00389EPSS
CVE
CVE
added 2010/12/22 8:0 p.m.65 views

CVE-2010-3268

Symantec Intel Alert Management System (AMS) remote DoS (CVE-2010-3268) affects hndlrsvc.exe/ prgxhndl.dll when parsing the CommandLine field in AMS requests. GetStringAMSHandler() forwards to AMSLIB.AMSGetPastParamList, which can crash the service by dereferencing an invalid memory read during C...

5CVSS6.6AI score0.0332EPSS
CVE
CVE
added 2009/04/29 3:0 p.m.64 views

CVE-2009-1428

The CVE-2009-1428 entry describes two parsing errors in the ccLgView.exe component of the Symantec Log Viewer used by multiple Norton/Symantec products (SAV before 10.1 MR8, SEP before 11.0 MR1, Norton 360 1.0, Norton Internet Security 2005–2008). The vulnerability enables remote XSS via a crafte...

4.3CVSS5.8AI score0.02329EPSS
CVE
CVE
added 2012/05/23 9:0 p.m.64 views

CVE-2012-0289

CVE-2012-0289 affects Symantec Endpoint Protection and Symantec Network Access Control (SEP/SNAC) on Windows. The issue is a buffer overflow in SEP/SNAC components (notably SemSvc/AgentServlet) that, via crafted input, allowed local users to gain privileges and potentially cause data modification...

7.2CVSS6.7AI score0.0146EPSS
CVE
CVE
added 2014/01/10 4:0 p.m.64 views

CVE-2013-5011

CVE-2013-5011 is an unquoted Windows search path vulnerability affecting the Symantec Endpoint Protection (SEP) client. The issue exists in SEP 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 (and Small Business Edition 12.x before 12.1.2 RU2), where an unquoted path in the SYSTEMDRIVE root could...

7.2CVSS8.4AI score0.00474EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.64 views

CVE-2016-2207

The CVE-2016-2207 family is associated with multiple Symantec products (Norton/Norton AntiVirus/Norton Internet Security/Norton 360, SEP, SPE, SMSMSE, SMSDOM, SPSS, SWG, and related protection engines) and third-party components (Unpack ShortLZ in UnRAR, Dec2LHA, libmspack, MIME parsing, TNEF, ZI...

10CVSS7.7AI score0.18101EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.64 views

CVE-2016-3646

CVE-2016-3646 affects the Decompressor (UnShrink/ZIP handling) in Symantec Norton/Norton Security and related products across the Symantec stack (including ATP, SDCS:S, Web Gateway, SEP on multiple platforms, SPE, SPSS, SMSMSE, SMSDOM, CSAPI, SMG/SMG-SP, Norton for Mac/Windows, NPE, NBRT). The is...

10CVSS7.7AI score0.17739EPSS
CVE
CVE
added 2018/11/29 2:0 p.m.64 views

CVE-2018-12238

CVE-2018-12238 is an AV bypass affecting Norton/Symantec endpoint products. Affected include Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 and 14.2; SEP SBE prior to NIS-22.15.1.8 and SEP-12.1.7454.7000; and SEP Cloud prior to 22.15.1. The issue enables evading...

7.8CVSS7.5AI score0.00402EPSS
CVE
CVE
added 2017/04/14 6:0 p.m.63 views

CVE-2016-5309

CVE-2016-5309 is a DoS in the RAR file parser of Symantec’s decomposer engines across multiple products (ATP/NS/SEPs/SPE/SMG family). The root cause is an out-of-bounds read during RAR decompression, allowing remote attackers to crash affected applications via specially crafted RAR files. A close...

5.5CVSS5.1AI score0.06877EPSS
CVE
CVE
added 2017/04/14 6:0 p.m.63 views

CVE-2016-5310

CVE-2016-5310 covers a denial-of-service memory-corruption issue in the RAR file parser/decompressor across Symantec products (ATP, various SEP variants, SPE, SMSG, SMSDOM, SPSS, SMSMSE, SEPC, SEPC, etc.). The root cause is mishandling of crafted RAR archives in the decompression path, leading to...

5.5CVSS5.1AI score0.05307EPSS
CVE
CVE
added 2018/11/29 2:0 p.m.63 views

CVE-2018-12245

CVE-2018-12245 affects Symantec Endpoint Protection (SEP) Client versions prior to 14.2 MP1. It is a DLL Preloading vulnerability that can trigger when an application is installed, loading a DLL supplied by an attacker. Impact details are described in the connected sources as a install-time issue...

7.8CVSS7.4AI score0.01084EPSS
CVE
CVE
added 2009/04/29 3:0 p.m.62 views

CVE-2009-1430

CVE-2009-1430 describes multiple stack-based buffer overflows in the IAO.EXE component of the Intel Alert Originator Service used by Symantec Alert Management System 2 (AMS2). The underlying fault is a boundary/stack overflow in the MsgSys.exe path that can be triggered by either a crafted networ...

9.3CVSS7.5AI score0.55088EPSS
CVE
CVE
added 2020/02/11 5:7 p.m.62 views

CVE-2020-5824

CVE-2020-5824 affects Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SEP SBE) pre-14.2 RU2 MP1 and pre-14.2.5569.2100, respectively. It is a Denial of Service vulnerability that can exhaust resources and render certain functions unavailable. Connected advisories also reference...

5.5CVSS5.5AI score0.00336EPSS
CVE
CVE
added 2020/02/11 5:1 p.m.61 views

CVE-2020-5820

CVE-2020-5820 affects Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SEP SBE) prior to 14.2 RU2 MP1 (and 14.2.5569.2100, respectively). The connected advisories describe a privilege escalation vulnerability rooted in insufficient validation within components used by SEP/SEP SB...

7.8CVSS7.9AI score0.00389EPSS
CVE
CVE
added 2020/02/11 5:9 p.m.61 views

CVE-2020-5826

Summary: CVE-2020-5826 affects Symantec Endpoint Protection (SEP) and SEP Small Business Edition (SEP SBE) prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, with an out-of-bounds vulnerability that can cause the application to read memory outside allocated bounds. Technical details:...

5.5CVSS5.4AI score0.00336EPSS
CVE
CVE
added 2010/02/19 5:0 p.m.60 views

CVE-2010-0108

The CVE-2010-0108 issue is a buffer overflow in the Symantec Client Proxy ActiveX (CLIproxy.dll). Affected products include Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4, plus Symantec Client Security 3.0.x and 3.1.x before MR9. The underlying cause is insufficient boundary ...

10CVSS7.9AI score0.19405EPSS
Web
CVE
CVE
added 2012/03/21 10:0 a.m.60 views

CVE-2012-1462

CVE-2012-1462 describes a vulnerability in the ZIP file parser used by multiple antivirus products (e.g., Symantec Endpoint Protection 11, AhnLab V3 Internet Security, AVG, Quick Heal, Emsisoft Anti-Malware, Sophos, Kaspersky, Fortinet, etc.). The issue allows remote attackers to bypass malware d...

4.3CVSS6.6AI score0.97903EPSS
CVE
CVE
added 2012/05/24 12:0 a.m.60 views

CVE-2012-1821

CVE-2012-1821 affects the Symantec Endpoint Protection Manager 11.x Network Threat Protection module on Windows Server 2003, with SEP 11.0.600x–11.0.700x. A remote attacker can trigger a denial of service by flooding the web server, causing it to become unresponsive or the daemon to crash/hang. T...

5CVSS6.8AI score0.0287EPSS
CVE
CVE
added 2016/06/30 11:0 p.m.60 views

CVE-2016-2210

CVE-2016-2210 is described in connected advisories as a buffer overflow in the Dec2LHA.dll (CSymLHA::get_header) used by Symantec Norton/Norton-related decomposer engines to decompress LZH/LHA archives. The vulnerability affects multiple Symantec products (e.g., Protection Engine, Protection for ...

9CVSS7.7AI score0.11372EPSS
CVE
CVE
added 2010/12/22 12:0 a.m.58 views

CVE-2010-0114

The CVE concerns Symantec Endpoint Protection Manager’s Reporting Module (fw_charts.php) where an attacker could overwrite PHP scripts and execute arbitrary code. Concrete details across sources: vulnerability exists in SEP 11.x prior to 11 RU6 MP2; the flaw is in the report-generation component ...

7.5CVSS7.8AI score0.05048EPSS
CVE
CVE
added 2012/12/18 8:0 p.m.58 views

CVE-2012-4348

The CVE-2012-4348 entry corresponds to a vulnerability in Symantec Endpoint Protection Manager/Protection Center where PHP scripts do not properly validate external input, enabling remote code execution. Affected products are SEP 11.0 before RU7-MP3, SEP 12.1 before RU2, and SEP Small Business Ed...

7.2CVSS8.6AI score0.01161EPSS
CVE
CVE
added 2015/09/20 8:0 p.m.58 views

CVE-2014-9228

Summary (CVE-2014-9228) : In Symantec Endpoint Protection Manager, the sysplant.sys component (Manager) before 12.1.6 can trigger a deadlock when handling specific calls, leading to a DoS by blocking system shutdown. This is described in the NVD entry for CVE-2014-9228 and corroborated by related...

4.9CVSS6.3AI score0.00425EPSS
CVE
CVE
added 2015/11/12 2:0 a.m.58 views

CVE-2015-8113

Summary (CVE-2015-8113): SEP 12.1 before 12.1-RU6-MP3 is vulnerable to local privilege escalation via an untrusted search path (Trojan horse DLL) in a client install package. This stems from an incomplete fix for CVE-2015-1492 and affects SEP clients; the issue can be exploited locally to gain pr...

7.2CVSS6.4AI score0.00471EPSS
CVE
CVE
added 2020/02/11 5:7 p.m.58 views

CVE-2020-5825

CVE-2020-5825 affects Symantec Endpoint Protection (SEP) and SEP SBE prior to 14.2 RU2 MP1 (14.2.5569.2100). It is an arbitrary file write vulnerability allowing overwriting of existing files without proper privileges (local access). Remediation is to upgrade to SEP/SEP SBE 14.2 RU2 MP1 (14.2.556...

5.5CVSS5.6AI score0.00363EPSS
CVE
CVE
added 2014/01/10 4:0 p.m.57 views

CVE-2013-5009

The CVE-2013-5009 issue affects Symantec Endpoint Protection Manager (SEP/Mgr) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2, as well as Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2. The vulnerability is an authentication flaw in the Management Console that allows an authen...

7.4CVSS6.6AI score0.00784EPSS
CVE
CVE
added 2018/04/16 6:0 p.m.57 views

CVE-2016-9094

Symantec Endpoint Protection (SEP) Client 12.1.x before 12.1 RU6 MP7 or 14.0.x before 14.0 MP1 is affected by CVE-2016-9094. The issue arises when exporting quarantine logs (CSV format); file metadata can be interpreted as a formula, enabling a formula-injection style vulnerability. Exploitation ...

7.8CVSS7.4AI score0.01324EPSS
Total number of security vulnerabilities71