Lucene search

K
SymantecEndpoint Protection11.0

33 matches found

CVE
CVE
added 2012/03/21 10:11 a.m.89 views

CVE-2012-1459

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Ant...

4.3CVSS6AI score0.91052EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.80 views

CVE-2012-1457

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot...

4.3CVSS6AI score0.85138EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.69 views

CVE-2012-1443

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0....

4.3CVSS6.5AI score0.50208EPSS
CVE
CVE
added 2019/07/31 6:15 p.m.68 views

CVE-2019-12750

Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the s...

7.8CVSS7.9AI score0.00777EPSS
CVE
CVE
added 2019/11/15 6:15 p.m.68 views

CVE-2019-12757

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to 12.1 RU6 MP10d (12.1.7510.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to c...

7.8CVSS7.9AI score0.00072EPSS
CVE
CVE
added 2019/04/25 8:29 p.m.65 views

CVE-2018-18366

Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type ...

6.5CVSS6.3AI score0.00086EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.61 views

CVE-2012-1461

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565...

4.3CVSS6.6AI score0.80052EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.60 views

CVE-2012-1456

The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.9...

4.3CVSS6.6AI score0.22516EPSS
CVE
CVE
added 2019/11/15 5:15 p.m.58 views

CVE-2019-12756

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.

2.3CVSS5.2AI score0.00066EPSS
CVE
CVE
added 2009/04/30 8:30 p.m.55 views

CVE-2009-1432

Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows ...

5CVSS6.8AI score0.02179EPSS
CVE
CVE
added 2014/08/06 7:55 p.m.55 views

CVE-2014-3434

Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.

6.9CVSS7.3AI score0.00828EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.52 views

CVE-2020-5823

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise th...

7.8CVSS7.9AI score0.00072EPSS
CVE
CVE
added 2009/04/29 3:30 p.m.47 views

CVE-2009-1428

Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inj...

4.3CVSS5.8AI score0.01241EPSS
CVE
CVE
added 2014/01/10 4:47 p.m.47 views

CVE-2013-5009

The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging acces...

7.4CVSS6.6AI score0.00302EPSS
CVE
CVE
added 2014/01/10 4:47 p.m.47 views

CVE-2013-5011

Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% direc...

7.2CVSS8.4AI score0.00057EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.47 views

CVE-2020-5820

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise th...

7.8CVSS7.9AI score0.00072EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.47 views

CVE-2020-5824

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resou...

5.5CVSS5.5AI score0.00063EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.46 views

CVE-2012-1462

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kasp...

4.3CVSS6.6AI score0.08376EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.46 views

CVE-2020-5826

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory...

5.5CVSS5.4AI score0.00063EPSS
CVE
CVE
added 2010/02/19 5:30 p.m.45 views

CVE-2010-0108

Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument...

10CVSS7.9AI score0.12622EPSS
CVE
CVE
added 2010/12/22 9:0 p.m.45 views

CVE-2010-3268

The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11...

5CVSS6.6AI score0.06514EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.44 views

CVE-2020-5825

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existi...

5.5CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2010/02/19 5:30 p.m.43 views

CVE-2010-0106

The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent...

1.9CVSS6.6AI score0.00299EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.43 views

CVE-2012-1446

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-...

4.3CVSS6.6AI score0.02536EPSS
CVE
CVE
added 2012/12/18 8:55 p.m.43 views

CVE-2012-4348

The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via...

7.2CVSS8.6AI score0.00681EPSS
CVE
CVE
added 2010/12/22 1:0 a.m.42 views

CVE-2010-0114

fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.

7.5CVSS7.8AI score0.0276EPSS
CVE
CVE
added 2012/11/14 12:30 p.m.42 views

CVE-2012-4953

The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which a...

9.3CVSS7.8AI score0.09486EPSS
CVE
CVE
added 2014/01/10 4:47 p.m.39 views

CVE-2013-5010

The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intend...

4.6CVSS6.2AI score0.00072EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.38 views

CVE-2012-1421

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: ...

4.3CVSS6.6AI score0.00191EPSS
CVE
CVE
added 2012/03/21 10:11 a.m.37 views

CVE-2012-1425

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfe...

4.3CVSS6.6AI score0.54236EPSS
CVE
CVE
added 2019/04/25 7:29 p.m.35 views

CVE-2018-12244

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

6.8CVSS6.5AI score0.00449EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.34 views

CVE-2020-5822

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise th...

7.8CVSS7.9AI score0.00072EPSS
CVE
CVE
added 2020/02/11 6:15 p.m.30 views

CVE-2020-5821

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own cod...

7.8CVSS7.7AI score0.00072EPSS