Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SymantecNorton Antivirus

67 matches found

CVE
CVEadded 2005/09/02 10:3 a.m.38 views

CVE-2005-2766

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal Live...

2.1CVSS6.8AI score0.00082EPSS
CVE
CVEadded 2010/02/23 8:30 p.m.38 views

CVE-2010-0107

Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (cra...

9.3CVSS8.1AI score0.27114EPSS
CVE
CVEadded 2005/06/21 4:0 a.m.37 views

CVE-2002-1775

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initi...

7.5CVSS7.1AI score0.00534EPSS
CVE
CVEadded 2006/11/30 4:0 p.m.37 views

CVE-2003-1310

The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").

4.6CVSS7AI score0.0017EPSS
CVE
CVEadded 2012/08/22 10:42 a.m.37 views

CVE-2010-3497

Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occu...

6.4CVSS8AI score0.02014EPSS
CVE
CVEadded 2000/10/20 4:0 a.m.36 views

CVE-2000-0793

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.

10CVSS7AI score0.00432EPSS
CVE
CVEadded 2005/06/21 4:0 a.m.36 views

CVE-2002-1774

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypasse...

7.5CVSS7AI score0.00534EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.35 views

CVE-2000-0478

In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.

5CVSS6.9AI score0.00775EPSS
CVE
CVEadded 2006/04/19 4:6 p.m.35 views

CVE-2006-1836

Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.

6.8CVSS6.6AI score0.0006EPSS
CVE
CVEadded 2006/09/14 10:7 p.m.35 views

CVE-2006-4802

Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-...

4.6CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2008/04/08 5:5 p.m.35 views

CVE-2008-0313

The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly det...

6.8CVSS7.6AI score0.06221EPSS
CVE
CVEadded 2018/11/29 2:29 p.m.35 views

CVE-2018-12239

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass...

6.8CVSS6.9AI score0.00087EPSS
CVE
CVEadded 2005/05/02 4:0 a.m.34 views

CVE-2005-0923

The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share.

2.1CVSS6.5AI score0.0013EPSS
CVE
CVEadded 2001/09/12 4:0 a.m.33 views

CVE-1999-1323

Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.

4.6CVSS7.2AI score0.00102EPSS
CVE
CVEadded 2005/11/16 9:17 p.m.33 views

CVE-2002-2206

The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.

7.8CVSS6.6AI score0.00714EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.32 views

CVE-1999-1004

Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.

5CVSS7.3AI score0.00694EPSS
CVE
CVEadded 2007/10/23 1:0 a.m.31 views

CVE-2003-1451

Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.

6.4CVSS8.3AI score0.02694EPSS
Total number of security vulnerabilities67