Lucene search
K
SymantecEndpoint Protection Cloud

7 matches found

CVE
CVE
added 2019/04/25 7:13 p.m.77 views

CVE-2018-18366

Symantec Endpoint Protection Small Business Edition ccSetx86.sys kernel driver (IOCTL 0x224844) has an information-disclosure vulnerability. A specially crafted IRP can cause the driver to return uninitialized kernel memory to a user-mode process, potentially leaking sensitive data. The issue is ...

6.5CVSS6.3AI score0.00386EPSS
CVE
CVE
added 2020/01/09 7:30 p.m.75 views

CVE-2016-5311

CVE-2016-5311 describes a local privilege-escalation in multiple Symantec Norton product lines (Antivirus, Security, Internet Security, 360, Endpoint Protection, etc.) caused by DLL preloading with inadequate path restrictions. The underlying issue is improper DLL search/path handling, allowing a...

7.8CVSS7.3AI score0.00714EPSS
CVE
CVE
added 2017/04/14 6:0 p.m.64 views

CVE-2016-5309

CVE-2016-5309 is a DoS in the RAR file parser of Symantec’s decomposer engines across multiple products (ATP/NS/SEPs/SPE/SMG family). The root cause is an out-of-bounds read during RAR decompression, allowing remote attackers to crash affected applications via specially crafted RAR files. A close...

5.5CVSS5.1AI score0.06877EPSS
CVE
CVE
added 2018/11/29 2:0 p.m.64 views

CVE-2018-12238

CVE-2018-12238 is an AV bypass affecting Norton/Symantec endpoint products. Affected include Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 and 14.2; SEP SBE prior to NIS-22.15.1.8 and SEP-12.1.7454.7000; and SEP Cloud prior to 22.15.1. The issue enables evading...

7.8CVSS7.5AI score0.00402EPSS
CVE
CVE
added 2017/04/14 6:0 p.m.63 views

CVE-2016-5310

CVE-2016-5310 covers a denial-of-service memory-corruption issue in the RAR file parser/decompressor across Symantec products (ATP, various SEP variants, SPE, SMSG, SMSDOM, SPSS, SMSMSE, SEPC, SEPC, etc.). The root cause is mishandling of crafted RAR archives in the decompression path, leading to...

5.5CVSS5.1AI score0.05307EPSS
CVE
CVE
added 2018/11/29 2:0 p.m.50 views

CVE-2018-12239

CVE-2018-12239 affects Norton 22.15 and certain Symantec Endpoint Protection (SEP) lines prior to 12.1.7454.7000 and 14.2, SEP SBE prior to NIS-22.15.1.8/SEP-12.1.7454.7000, and SEP Cloud prior to 22.15.1. The issue is an AV bypass vulnerability where one antivirus engine relies on a signature da...

6.8CVSS6.9AI score0.00517EPSS
CVE
CVE
added 2019/04/25 4:55 p.m.47 views

CVE-2018-18369

The CVE-2018-18369 entry describes a DLL Preloading vulnerability affecting Windows clients: Norton Security prior to 22.16.3 and SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, and SEP-12.1.7484.7002. Root cause is a DLL loading order issue that can allow an attacker to substitute a m...

7.8CVSS7.6AI score0.02381EPSS