Lucene search

K
SymantecNorton Antivirus

14 matches found

CVE
CVE
added 2005/02/08 5:0 a.m.50 views

CVE-2005-0249

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

7.5CVSS8AI score0.10603EPSS
CVE
CVE
added 2005/08/30 11:45 a.m.45 views

CVE-2005-2017

Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540.

10CVSS6.5AI score0.00445EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.42 views

CVE-2005-0922

Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type.

5CVSS6.5AI score0.02307EPSS
CVE
CVE
added 2005/10/20 11:2 p.m.41 views

CVE-2005-2759

** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-...

7.2CVSS6.6AI score0.0027EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.40 views

CVE-2002-1776

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed this...

7.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.40 views

CVE-2005-3270

Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file.

7.2CVSS6.9AI score0.0027EPSS
CVE
CVE
added 2005/07/01 4:0 a.m.39 views

CVE-2004-2147

Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body.

5CVSS6.9AI score0.00599EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.38 views

CVE-2002-1777

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is use...

7.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.38 views

CVE-2005-1346

Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote atta...

2.6CVSS7AI score0.00705EPSS
CVE
CVE
added 2005/09/02 10:3 a.m.38 views

CVE-2005-2766

Symantec AntiVirus Corporate Edition 9.0.1.x and 9.0.4.x, and possibly other versions, when obtaining updates from an internal LiveUpdate server, stores sensitive information in cleartext in the Log.Liveupdate log file, which allows attackers to obtain the username and password to the internal Live...

2.1CVSS6.8AI score0.00082EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.37 views

CVE-2002-1775

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initi...

7.5CVSS7.1AI score0.00534EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.36 views

CVE-2002-1774

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypasse...

7.5CVSS7AI score0.00534EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.34 views

CVE-2005-0923

The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share.

2.1CVSS6.5AI score0.0013EPSS
CVE
CVE
added 2005/11/16 9:17 p.m.33 views

CVE-2002-2206

The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.

7.8CVSS6.6AI score0.00714EPSS