CVSS: 8.8EPSS: 8%CPEs: 8EXPL: 0CVE-2015-5689 – Symantec Ghost Out-Of-Bounds Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-5689
03 Sep 2015 — ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image. Vulnerabilidad en ghostexp.exe en Ghost Explorer Utility en Symantec Ghost Solutions Suite (GSS) ... • http://www.securityfocus.com/bid/76498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2012-0306
https://notcve.org/view.php?id=CVE-2012-0306
18 Oct 2012 — Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file. Symantec Ghost Solution Suite v2.x hasta v2.5.1 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo de copia de seguridad manipulado. • http://www.securityfocus.com/bid/55748 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2008-0640
https://notcve.org/view.php?id=CVE-2008-0640
08 Feb 2008 — Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. Symantec Ghost Solution Suite versión 1.1 anterior a 1.1 parche 2, versiones 2.0.0 y 2.0.1 no autentica las conexiones entre la consola y Ghost Management Agent, lo que permite a los atacantes remotos ejecutar comandos arbitrarios p... • http://secunia.com/advisories/28853 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2007-3132
https://notcve.org/view.php?id=CVE-2007-3132
08 Jun 2007 — Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp. Múltiples vulnerabilidades en Symantec Ghost Solution Suite 2.0.0 y versiones anteriores, con Ghost 8.0.992 y posiblemente otra versiones, permiten a atacantes remotos provocar una denegación de servicio (caída de cliente o servidor) mediante pe... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=540 •