Lucene search
K
SymantecWeb Security

7 matches found

CVE
CVE
added 2007/10/05 9:0 p.m.70 views

CVE-2007-3699

CVE-2007-3699 affects the Decomposer component in multiple Symantec products, enabling remote attackers to trigger a denial of service (infinite loop) by crafting the PACK_SIZE field in a RAR header. Connected Nessus entries reiterate this as part of “Symantec Mail Security Engine/Scanner” vulner...

9.3CVSS6.2AI score0.03914EPSS
CVE
CVE
added 2007/10/05 9:0 p.m.63 views

CVE-2007-0447

The CVE-2007-0447 entry corresponds to a heap-based buffer overflow in the Decomposer used by Symantec products (notably Symantec Antivirus Scan Engine / Mail Security for Exchange/Domino) when processing crafted CAB archives, enabling remote code execution. Connected details corroborate: a heap ...

9.3CVSS7.7AI score0.05957EPSS
CVE
CVE
added 2005/02/08 5:0 a.m.61 views

CVE-2005-0249

Concretely affected: Symantec AntiVirus/Scan Engine DEC2EXE parsing engine (DEC2EXE.dll) used in the Symantec Antivirus Library. Issue: a heap-based buffer overflow caused by improper bounds checking when parsing UPX-compressed files, triggered by a crafted UPX file with a negative virtual offset...

7.5CVSS8AI score0.18832EPSS
CVE
CVE
added 2007/01/30 4:0 p.m.59 views

CVE-2007-0563

Symantec Web Security (SWS) is affected by CVE-2007-0563 due to multiple XSS vulnerabilities in versions prior to 3.0.1.85. The flaws allow remote attackers to inject arbitrary script or HTML via unspecified vectors related to error messages and blocked page messages produced by SWS. OpenVAS and ...

4.3CVSS5.7AI score0.02065EPSS
CVE
CVE
added 2007/01/30 4:0 p.m.52 views

CVE-2007-0564

Summary: CVE-2007-0564 affects Symantec Web Security (SWS) prior to version 3.0.1.85. The license registering interface can be abused to trigger a denial of service via submitting a large file, causing CPU consumption. Evidence/Details: The NVD entry specifies CPU consumption DoS with large file ...

4CVSS6.2AI score0.01005EPSS
CVE
CVE
added 2005/04/28 4:0 a.m.49 views

CVE-2005-1346

CVE-2005-1346 affects multiple Symantec AntiVirus products running on Windows (e.g., Norton AntiVirus 2005 11.0.0; Web Security 3.0.1.72; Mail Security for SMTP 4.0.5.66; AntiVirus Scan Engine 4.3.7.27; SAV/Filter for Domino NT 3.1.1.87; Mail Security for Exchange 4.5.4.743). The vulnerability al...

2.6CVSS7AI score0.01491EPSS
CVE
CVE
added 2007/11/15 11:0 p.m.47 views

CVE-2004-2755

CVE-2004-2755 describes an XSS in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62. The vulnerability allows remote attackers to inject arbitrary script or HTML via the query string of blocked URLs shown on error or block pages. The available documents confirm the affected versions and...

4.3CVSS6AI score0.01955EPSS