Norton Antivirus@* Security Vulnerabilities and Issues — Norton Antivirus@* CVE List

Lucene search

SymantecNorton Antivirus*

19 matches found

CVE•added 2007/10/05 9:17 p.m.•58 views

CVE-2007-3699

The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.

9.3CVSS6.2AI score0.02382EPSS

CVE•added 2020/01/09 8:15 p.m.•56 views

CVE-2016-5311

A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading ...

7.8CVSS7.3AI score0.00289EPSS

CVE•added 2016/06/30 11:59 p.m.•54 views

CVE-2016-2211

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SE...

9.3CVSS7.7AI score0.20024EPSS

CVE•added 2016/06/30 11:59 p.m.•53 views

CVE-2016-3644

10CVSS7.8AI score0.29018EPSS

CVE•added 2016/06/30 11:59 p.m.•52 views

CVE-2016-2209

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac;...

9CVSS7.7AI score0.29051EPSS

CVE•added 2016/06/30 11:59 p.m.•52 views

CVE-2016-3646

10CVSS7.7AI score0.25975EPSS

CVE•added 2007/10/05 9:17 p.m.•50 views

CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

9.3CVSS7.7AI score0.10844EPSS

CVE•added 2016/06/30 11:59 p.m.•50 views

CVE-2016-2207

10CVSS7.7AI score0.50208EPSS

CVE•added 2000/02/08 5:0 a.m.•49 views

CVE-2000-0119

The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.

7.2CVSS7.1AI score0.00956EPSS

CVE•added 2016/06/30 11:59 p.m.•48 views

CVE-2016-2210

Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac...

9CVSS7.7AI score0.29051EPSS

CVE•added 2018/11/29 2:29 p.m.•47 views

CVE-2018-12238

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass...

7.8CVSS7.5AI score0.00082EPSS

CVE•added 2007/07/16 11:30 p.m.•43 views

CVE-2007-3800

Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code.

6CVSS6.5AI score0.00055EPSS

CVE•added 2002/08/12 4:0 a.m.•42 views

CVE-2002-0485

Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients.

7.5CVSS7.2AI score0.00334EPSS

CVE•added 2006/10/19 1:7 a.m.•42 views

CVE-2006-5404

Unspecified vulnerability in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to obtain sensitive information via unspecified vectors.

2.6CVSS6.6AI score0.00707EPSS

CVE•added 2016/06/30 11:59 p.m.•42 views

CVE-2016-3645

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) ...

10CVSS7.2AI score0.75552EPSS

CVE•added 2004/11/03 5:0 a.m.•39 views

CVE-2004-0920

Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name.

5CVSS6.8AI score0.0057EPSS

CVE•added 2006/10/19 1:7 a.m.•39 views

CVE-2006-5403

Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecif...

5.1CVSS8.2AI score0.23994EPSS

CVE•added 2018/11/29 2:29 p.m.•35 views

CVE-2018-12239

6.8CVSS6.9AI score0.00087EPSS

CVE•added 2001/09/12 4:0 a.m.•33 views

CVE-1999-1323

Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.

4.6CVSS7.2AI score0.00102EPSS