Web Security@2.5 Security Vulnerabilities and Issues — Web Security@2.5 CVE List

Lucene search

SymantecWeb Security2.5

3 matches found

CVE•added 2007/10/05 9:17 p.m.•58 views

CVE-2007-3699

The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.

9.3CVSS6.2AI score0.02382EPSS

CVE•added 2007/10/05 9:17 p.m.•50 views

CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

9.3CVSS7.7AI score0.10844EPSS

CVE•added 2007/11/15 11:0 p.m.•36 views

CVE-2004-2755

Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in (1) error or (2) block page messages.

4.3CVSS6AI score0.0109EPSS