cnvd - cnvd-2016-04440

cnvd-2016-04440

Vulnerability from cnvd

Title: 多款Symantec和Norton产品缓冲区溢出漏洞（CNVD-2016-04440）

Description:

Symantec Advanced Threat Protection（ATP）、Symantec Embedded Security:Critical System Protection（SES:CSP）和Symantec Data Center Security: Server Advanced（SDCS:SA）都是美国赛门铁克（Symantec）公司的安全产品。ATP是一套用于挖掘并清除终端、网络和电子邮件网关等存在的高级威胁的软件；SES:CSP是一款轻量级的入侵检测和防御系统客户端产品；SDCS:SA为软件定义数据中心的物理和虚拟服务器提供了安全防护。

多款Symantec和Norton产品的AntiVirus Decomposer引擎的Dec2SS中存在缓冲区溢出漏洞。攻击者可借助特制的文件利用该漏洞造成拒绝服务，或执行任意代码。

Severity: 高

Patch Name: 多款Symantec和Norton产品缓冲区溢出漏洞（CNVD-2016-04440）的补丁

Patch Description:

多款Symantec和Norton产品的AntiVirus Decomposer引擎的Dec2SS中存在缓冲区溢出漏洞。攻击者可借助特制的文件利用该漏洞造成拒绝服务，或执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

Reference: http://packetstormsecurity.com/files/137712/Symantec-PowerPoint-Misaligned-Stream-Cache-Buffer-Overflow.html

Impacted products

Name
['Symantec Advanced Threat Protection (ATP)', 'Symantec Web Gateway', 'Symantec Endpoint Protection (SEP) for Mac', 'Symantec Endpoint Protection (SEP) for Linux <12.1 RU6 MP5', 'Symantec Protection Engine (SPE) <7.0.5 HF01', 'Symantec Protection Engine (SPE) 7.5.4，<HF01', 'Symantec Protection Engine (SPE) 7.8.0，< HF01', 'Symantec Protection for SharePoint Servers (SPSS) >=6.0.3，<=6.0.5 HF 1.5', 'Symantec Protection for SharePoint Servers (SPSS) 6.0.6，<HF 1.6', 'Symantec Mail Security for Microsoft Exchange (SMSMSE) <7.0_3966002 HF1.1', 'Symantec Mail Security for Microsoft Exchange (SMSMSE) 7.5.x，<7.5_3966008 VHF1.2', 'Symantec Mail Security for Domino (SMSDOM) <8.0.9 HF1.1', 'Symantec Mail Security for Domino (SMSDOM) 8.1.x，<8.1.3 HF1.2', 'Symantec Message Gateway (SMG) <10.6.1-4', 'Symantec Message Gateway for Service Providers (SMG-SP) 10.5，<patch 254', 'Symantec Message Gateway for Service Providers (SMG-SP) 10.6，<patch 253', 'Norton Bootable Removal Tool (NBRT) <=2016.1', 'Norton Power Eraser (NPE) <=5.1', 'Norton Security for Mac <=13.0.2', 'Norton 360 <=NGC 22.7', 'Norton Internet Security <=NGC 22.7', 'Norton Security with Backup <=NGC 22.7', 'Norton Security <=NGC 22.7', 'Norton AntiVirus <=NGC 22.7', 'Norton Product Family <=NGC 22.7', 'Symantec CSAPI <=10.0.4', 'Symantec Endpoint Protection (SEP) <=12.1.6 MP4', 'Symantec Email Security Server .Cloud (ESS)', 'Symantec Symantec Web Security .Cloud', 'Symantec Data Center Security:Server (SDCS:S) 6.0', 'Symantec Data Center Security:Server (SDCS:S) 6.0MP1', 'Symantec Data Center Security:Server (SDCS:S) 6.5', 'Symantec Data Center Security:Server (SDCS:S) 6.5MP1', 'Symantec Data Center Security:Server (SDCS:S) 6.6', 'Symantec Data Center Security:Server (SDCS:S) 6.6MP1']

Name

['Symantec Advanced Threat Protection (ATP)', 'Symantec Web Gateway', 'Symantec Endpoint Protection (SEP) for Mac', 'Symantec Endpoint Protection (SEP) for Linux <12.1 RU6 MP5', 'Symantec Protection Engine (SPE) <7.0.5 HF01', 'Symantec Protection Engine (SPE) 7.5.4，<HF01', 'Symantec Protection Engine (SPE) 7.8.0，< HF01', 'Symantec Protection for SharePoint Servers (SPSS) >=6.0.3，<=6.0.5 HF 1.5', 'Symantec Protection for SharePoint Servers (SPSS) 6.0.6，<HF 1.6', 'Symantec Mail Security for Microsoft Exchange (SMSMSE) <7.0_3966002 HF1.1', 'Symantec Mail Security for Microsoft Exchange (SMSMSE) 7.5.x，<7.5_3966008 VHF1.2', 'Symantec Mail Security for Domino (SMSDOM) <8.0.9 HF1.1', 'Symantec Mail Security for Domino (SMSDOM) 8.1.x，<8.1.3 HF1.2', 'Symantec Message Gateway (SMG) <10.6.1-4', 'Symantec Message Gateway for Service Providers (SMG-SP) 10.5，<patch 254', 'Symantec Message Gateway for Service Providers (SMG-SP) 10.6，<patch 253', 'Norton Bootable Removal Tool (NBRT) <=2016.1', 'Norton Power Eraser (NPE) <=5.1', 'Norton Security for Mac <=13.0.2', 'Norton 360 <=NGC 22.7', 'Norton Internet Security <=NGC 22.7', 'Norton Security with Backup <=NGC 22.7', 'Norton Security <=NGC 22.7', 'Norton AntiVirus <=NGC 22.7', 'Norton Product Family <=NGC 22.7', 'Symantec CSAPI <=10.0.4', 'Symantec Endpoint Protection (SEP) <=12.1.6 MP4', 'Symantec Email Security Server .Cloud (ESS)', 'Symantec Symantec Web Security .Cloud', 'Symantec Data Center Security:Server (SDCS:S) 6.0', 'Symantec Data Center Security:Server (SDCS:S) 6.0MP1', 'Symantec Data Center Security:Server (SDCS:S) 6.5', 'Symantec Data Center Security:Server (SDCS:S) 6.5MP1', 'Symantec Data Center Security:Server (SDCS:S) 6.6', 'Symantec Data Center Security:Server (SDCS:S) 6.6MP1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-2209"
    }
  },
  "description": "Symantec Advanced Threat Protection\uff08ATP\uff09\u3001Symantec Embedded Security:Critical System Protection\uff08SES:CSP\uff09\u548cSymantec Data Center Security: Server Advanced\uff08SDCS:SA\uff09\u90fd\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u5b89\u5168\u4ea7\u54c1\u3002ATP\u662f\u4e00\u5957\u7528\u4e8e\u6316\u6398\u5e76\u6e05\u9664\u7ec8\u7aef\u3001\u7f51\u7edc\u548c\u7535\u5b50\u90ae\u4ef6\u7f51\u5173\u7b49\u5b58\u5728\u7684\u9ad8\u7ea7\u5a01\u80c1\u7684\u8f6f\u4ef6\uff1bSES:CSP\u662f\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u5165\u4fb5\u68c0\u6d4b\u548c\u9632\u5fa1\u7cfb\u7edf\u5ba2\u6237\u7aef\u4ea7\u54c1\uff1bSDCS:SA\u4e3a\u8f6f\u4ef6\u5b9a\u4e49\u6570\u636e\u4e2d\u5fc3\u7684\u7269\u7406\u548c\u865a\u62df\u670d\u52a1\u5668\u63d0\u4f9b\u4e86\u5b89\u5168\u9632\u62a4\u3002\r\n\r\n\u591a\u6b3eSymantec\u548cNorton\u4ea7\u54c1\u7684AntiVirus Decomposer\u5f15\u64ce\u7684Dec2SS\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Tavis Ormandy with Google\u0027s Project Zero",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04440",
  "openTime": "2016-07-04",
  "patchDescription": "Symantec Advanced Threat Protection\uff08ATP\uff09\u3001Symantec Embedded Security:Critical System Protection\uff08SES:CSP\uff09\u548cSymantec Data Center Security: Server Advanced\uff08SDCS:SA\uff09\u90fd\u662f\u7f8e\u56fd\u8d5b\u95e8\u94c1\u514b\uff08Symantec\uff09\u516c\u53f8\u7684\u5b89\u5168\u4ea7\u54c1\u3002ATP\u662f\u4e00\u5957\u7528\u4e8e\u6316\u6398\u5e76\u6e05\u9664\u7ec8\u7aef\u3001\u7f51\u7edc\u548c\u7535\u5b50\u90ae\u4ef6\u7f51\u5173\u7b49\u5b58\u5728\u7684\u9ad8\u7ea7\u5a01\u80c1\u7684\u8f6f\u4ef6\uff1bSES:CSP\u662f\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u5165\u4fb5\u68c0\u6d4b\u548c\u9632\u5fa1\u7cfb\u7edf\u5ba2\u6237\u7aef\u4ea7\u54c1\uff1bSDCS:SA\u4e3a\u8f6f\u4ef6\u5b9a\u4e49\u6570\u636e\u4e2d\u5fc3\u7684\u7269\u7406\u548c\u865a\u62df\u670d\u52a1\u5668\u63d0\u4f9b\u4e86\u5b89\u5168\u9632\u62a4\u3002\r\n\r\n\u591a\u6b3eSymantec\u548cNorton\u4ea7\u54c1\u7684AntiVirus Decomposer\u5f15\u64ce\u7684Dec2SS\u4e2d\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684\u6587\u4ef6\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff0c\u6216\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eSymantec\u548cNorton\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2016-04440\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Symantec Advanced Threat Protection (ATP)",
      "Symantec Web Gateway",
      "Symantec Endpoint Protection (SEP) for Mac",
      "Symantec Endpoint Protection (SEP) for Linux \u003c12.1 RU6 MP5",
      "Symantec Protection Engine (SPE) \u003c7.0.5 HF01",
      "Symantec Protection Engine (SPE) 7.5.4\uff0c\u003cHF01",
      "Symantec Protection Engine (SPE) 7.8.0\uff0c\u003c HF01",
      "Symantec Protection for SharePoint Servers (SPSS) \u003e=6.0.3\uff0c\u003c=6.0.5 HF 1.5",
      "Symantec Protection for SharePoint Servers (SPSS) 6.0.6\uff0c\u003cHF 1.6",
      "Symantec Mail Security for Microsoft Exchange (SMSMSE)  \u003c7.0_3966002 HF1.1",
      "Symantec Mail Security for Microsoft Exchange (SMSMSE)  7.5.x\uff0c\u003c7.5_3966008 VHF1.2",
      "Symantec Mail Security for Domino (SMSDOM) \u003c8.0.9 HF1.1",
      "Symantec Mail Security for Domino (SMSDOM) 8.1.x\uff0c\u003c8.1.3 HF1.2",
      "Symantec Message Gateway (SMG) \u003c10.6.1-4",
      "Symantec Message Gateway for Service Providers (SMG-SP) 10.5\uff0c\u003cpatch 254",
      "Symantec Message Gateway for Service Providers (SMG-SP) 10.6\uff0c\u003cpatch 253",
      "Norton Bootable Removal Tool (NBRT) \u003c=2016.1",
      "Norton Power Eraser (NPE) \u003c=5.1",
      "Norton Security for Mac \u003c=13.0.2",
      "Norton 360 \u003c=NGC 22.7",
      "Norton Internet Security \u003c=NGC 22.7",
      "Norton Security with Backup \u003c=NGC 22.7",
      "Norton Security \u003c=NGC 22.7",
      "Norton AntiVirus \u003c=NGC 22.7",
      "Norton Product Family \u003c=NGC 22.7",
      "Symantec CSAPI \u003c=10.0.4",
      "Symantec Endpoint Protection (SEP) \u003c=12.1.6 MP4",
      "Symantec Email Security Server .Cloud (ESS)",
      "Symantec Symantec Web Security .Cloud",
      "Symantec Data Center Security:Server (SDCS:S)  6.0",
      "Symantec Data Center Security:Server (SDCS:S)  6.0MP1",
      "Symantec Data Center Security:Server (SDCS:S)  6.5",
      "Symantec Data Center Security:Server (SDCS:S)  6.5MP1",
      "Symantec Data Center Security:Server (SDCS:S)  6.6",
      "Symantec Data Center Security:Server (SDCS:S)  6.6MP1"
    ]
  },
  "referenceLink": "http://packetstormsecurity.com/files/137712/Symantec-PowerPoint-Misaligned-Stream-Cache-Buffer-Overflow.html",
  "serverity": "\u9ad8",
  "submitTime": "2016-06-30",
  "title": "\u591a\u6b3eSymantec\u548cNorton\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2016-04440\uff09"
}

CVE-2016-2209 (GCVE-0-2016-2209)

Vulnerability from cvelistv5

Published

2016-06-30 23:00

Modified

2024-08-05 23:24

Severity ?

CWE

Summary

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.

References

▼	URL	Tags
	https://www.exploit-db.com/exploits/40037/	exploit, x_refsource_EXPLOIT-DB
	http://www.securitytracker.com/id/1036199	vdb-entry, x_refsource_SECTRACK
	http://www.securitytracker.com/id/1036198	vdb-entry, x_refsource_SECTRACK
	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/91436	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T23:24:48.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "40037",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/40037/"
          },
          {
            "name": "1036199",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036199"
          },
          {
            "name": "1036198",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036198"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
          },
          {
            "name": "91436",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91436"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-06-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-02T09:57:01",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "name": "40037",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/40037/"
        },
        {
          "name": "1036199",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036199"
        },
        {
          "name": "1036198",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036198"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
        },
        {
          "name": "91436",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91436"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2016-2209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "40037",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/40037/"
            },
            {
              "name": "1036199",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036199"
            },
            {
              "name": "1036198",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036198"
            },
            {
              "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00",
              "refsource": "CONFIRM",
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20160628_00"
            },
            {
              "name": "91436",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91436"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2016-2209",
    "datePublished": "2016-06-30T23:00:00",
    "dateReserved": "2016-02-02T00:00:00",
    "dateUpdated": "2024-08-05T23:24:48.650Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted