Filtered by vendor Symantec
Subscribe
Total
569 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0538 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2011-03-08 | 7.5 HIGH | N/A |
| FTP proxy in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 rewrites an FTP server's "FTP PORT" responses in a way that allows remote attackers to redirect FTP data connections to arbitrary ports, a variant of the "FTP bounce" vulnerability. | |||||
| CVE-2003-1575 | 2 Sun, Symantec | 2 Solaris, Vxfs | 2010-01-31 | 4.6 MEDIUM | N/A |
| VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to the characteristics of a directory inode, which allows local users to bypass intended file permissions by accessing a file on a VxFS filesystem. | |||||
| CVE-2009-3179 | 1 Symantec | 1 Altiris Deployment Solution | 2009-09-15 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as identified by (1) "Symantec Altiris Deployment Solution 6.9 exploit, (2) "Symantec Altiris Deployment Solution 6.9 exploit (II)," and (3) "Symantec Altiris Deployment Solution 6.9 exploit (III)." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2009-3178 | 1 Symantec | 1 Altiris Deployment Solution | 2009-09-14 | 7.8 HIGH | N/A |
| Unspecified vulnerability in mm.exe in Symantec Altiris Deployment Solution 6.9 allows remote attackers to cause a denial of service via unknown attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.18, "Symantec Altiris Deployment Solution 6.9 DoS." NOTE: as of 20090909, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2008-4388 | 1 Symantec | 1 Appstream Client | 2009-05-18 | 9.3 HIGH | N/A |
| The LaunchObj ActiveX control before 5.2.2.865 in launcher.dll in Symantec AppStream Client 5.2.x before 5.2.2 SP3 MP1 does not properly validate downloaded files, which allows remote attackers to execute arbitrary code via the installAppMgr method and unspecified other methods. | |||||
| CVE-2007-5126 | 1 Symantec | 1 Veritas Backup Exec | 2008-11-15 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. | |||||
| CVE-2007-3665 | 1 Symantec | 1 Norton Ghost | 2008-11-15 | 5.0 MEDIUM | N/A |
| Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions. | |||||
| CVE-2007-3666 | 1 Symantec | 1 Norton Ghost | 2008-11-15 | 7.5 HIGH | N/A |
| Buffer overflow in RemoteCommand.DLL in Symantec Norton Ghost 12.0 allows remote attackers to execute arbitrary code via the Connect function. | |||||
| CVE-2002-1540 | 1 Symantec | 1 Norton Antivirus | 2008-09-10 | 7.2 HIGH | N/A |
| The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. | |||||
| CVE-2002-0663 | 1 Symantec | 2 Norton Internet Security, Norton Personal Firewall | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | |||||
| CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | |||||
| CVE-2007-5555 | 1 Symantec | 1 Altiris Deployment Solution | 2008-09-05 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | |||||
| CVE-2005-3270 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file. | |||||
| CVE-2005-1970 | 1 Symantec | 1 Pcanywhere | 2008-09-05 | 7.2 HIGH | N/A |
| Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature. | |||||
| CVE-2005-2017 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 10.0 HIGH | N/A |
| Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a help window with raised privileges, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2002-1540. | |||||
| CVE-2005-1346 | 1 Symantec | 7 Antivirus Scan Engine, Mail Security, Norton Antivirus and 4 more | 2008-09-05 | 2.6 LOW | N/A |
| Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file. | |||||
| CVE-2005-0922 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. | |||||
| CVE-2005-0923 | 1 Symantec | 3 Norton Antivirus, Norton Internet Security, Norton System Works | 2008-09-05 | 2.1 LOW | N/A |
| The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share. | |||||
| CVE-2005-0618 | 2 Nexland, Symantec | 4 Pro800turbo, Firewall Vpn Appliance 200r, Gateway Security 360 and 1 more | 2008-09-05 | 6.4 MEDIUM | N/A |
| The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network through an untrusted network. | |||||
| CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | |||||