IDCVSSSummaryLast (major) updatePublished
CVE-2005-3217 5.1
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be open
17-10-2016 - 23:33 14-10-2005 - 06:02
CVE-2004-0217 3.7
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2012-4953 9.3
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bound
11-03-2013 - 23:17 14-11-2012 - 07:30
CVE-2011-0688 9.3
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrar
06-02-2013 - 23:41 31-01-2011 - 16:00
CVE-2010-3268 5.0
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 20
06-02-2013 - 23:34 22-12-2010 - 16:00
CVE-2010-0111 9.3
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x,
06-02-2013 - 23:26 31-01-2011 - 16:00
CVE-2010-0110 7.9
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, al
06-02-2013 - 23:26 31-01-2011 - 16:00
CVE-2010-0108 10.0
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attack
06-02-2013 - 23:26 19-02-2010 - 12:30
CVE-2010-0106 1.9
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-de
06-02-2013 - 23:26 19-02-2010 - 12:30
CVE-2009-3104 4.3
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and
06-02-2013 - 23:21 08-09-2009 - 18:30
CVE-2009-1432 5.0
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec E
06-02-2013 - 23:17 30-04-2009 - 16:30
CVE-2009-1431 9.3
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corpora
06-02-2013 - 23:17 29-04-2009 - 11:30
CVE-2009-1430 9.3
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Sym
06-02-2013 - 23:17 29-04-2009 - 11:30
CVE-2009-1429 10.0
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 bef
06-02-2013 - 23:17 29-04-2009 - 11:30
CVE-2009-1428 4.3
Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security
06-02-2013 - 23:17 29-04-2009 - 11:30
CVE-2007-3699 9.3
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
30-10-2012 - 22:39 05-10-2007 - 17:17
CVE-2007-0447 9.3
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
30-10-2012 - 22:28 05-10-2007 - 17:17
CVE-2007-1793 4.9
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute ar
08-08-2011 - 00:00 02-04-2007 - 18:19
CVE-2006-0232 5.0
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct request
07-03-2011 - 21:29 24-04-2006 - 21:02
CVE-2006-0231 6.4
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
07-03-2011 - 21:29 24-04-2006 - 21:02
CVE-2006-0230 10.0
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
07-03-2011 - 21:29 24-04-2006 - 21:02
CVE-2005-2758 10.0
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
07-03-2011 - 21:24 05-10-2005 - 15:02
CVE-2008-5543 9.3
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extens
29-01-2009 - 01:59 12-12-2008 - 13:30
CVE-2005-1346 2.6
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4
05-09-2008 - 16:48 02-05-2005 - 00:00
CVE-2005-0249 7.5
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
05-09-2008 - 16:45 08-02-2005 - 00:00
Back to Top Mark selected
Back to Top