var-200412-0566
Vulnerability from variot
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. It is alleged that Symantec Norton AntiVirus is prone to a denial of service vulnerability. The discoverer of this issue reports that when a malformed email is received through Microsoft Outlook and Norton AntiVirus attempts to process this email, the Norton AntiVirus application will crash. Symantec is currently investigating this report; this BID will be updated as soon as this investigation is complete. It should also be noted that the discoverer of the issue has not provided any details about which versions may be affected by this issue, version information will be updated appropriately when this issue is investigated further
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200412-0566",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.5"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.60.build_926"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.51"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.6"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "corporate_7.2"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "corporate_8.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "professional_2003"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "professional_2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "professional_2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "professional_2004"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "corporate_7.61"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.61"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.51"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.6"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.5"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.2"
},
{
"model": "norton antivirus corporate edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "7.0"
},
{
"model": "norton antivirus corporate edition 7.60.build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "926"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2004"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2003"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20030"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20020"
},
{
"model": "norton antivirus professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20010"
}
],
"sources": [
{
"db": "BID",
"id": "11259"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this vulnerability is credited to Zero \u003czerozero@controcultura.net\u003e.",
"sources": [
{
"db": "BID",
"id": "11259"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
}
],
"trust": 0.9
},
"cve": "CVE-2004-2147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2004-2147",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-10575",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2004-2147",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200412-176",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-10575",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10575"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return (\"\\n\") separating the headers from the body. It is alleged that Symantec Norton AntiVirus is prone to a denial of service vulnerability. \nThe discoverer of this issue reports that when a malformed email is received through Microsoft Outlook and Norton AntiVirus attempts to process this email, the Norton AntiVirus application will crash. \nSymantec is currently investigating this report; this BID will be updated as soon as this investigation is complete. It should also be noted that the discoverer of the issue has not provided any details about which versions may be affected by this issue, version information will be updated appropriately when this issue is investigated further",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2147"
},
{
"db": "BID",
"id": "11259"
},
{
"db": "VULHUB",
"id": "VHN-10575"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11259",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-2147",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176",
"trust": 0.7
},
{
"db": "VULN-DEV",
"id": "20040925 NO BODY EMAILS AND NORTON ANTIVIRUS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-10575",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10575"
},
{
"db": "BID",
"id": "11259"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"id": "VAR-200412-0566",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-10575"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:50:37.484000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.securityfocus.com/archive/82/376487/2004-09-24/2004-09-30/0"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11259"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-10575"
},
{
"db": "BID",
"id": "11259"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-10575"
},
{
"db": "BID",
"id": "11259"
},
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-10575"
},
{
"date": "2004-09-27T00:00:00",
"db": "BID",
"id": "11259"
},
{
"date": "2004-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"date": "2004-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-10575"
},
{
"date": "2004-09-27T00:00:00",
"db": "BID",
"id": "11259"
},
{
"date": "2006-05-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200412-176"
},
{
"date": "2024-11-20T23:52:36.690000",
"db": "NVD",
"id": "CVE-2004-2147"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec Norton AntiVirus Malformed Email Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200412-176"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…