CVE-2016-5311
https://notcve.org/view.php?id=CVE-2016-5311
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud y Endpoint Protection Cloud Client, debido a una precarga de DLL sin restricciones de ruta, que podría permitir a un usuario malicioso local obtener privilegios system. • http://www.securityfocus.com/bid/94295 http://www.securitytracker.com/id/1037323 http://www.securitytracker.com/id/1037324 http://www.securitytracker.com/id/1037325 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161117_00 • CWE-427: Uncontrolled Search Path Element •
CVE-2018-12238
https://notcve.org/view.php?id=CVE-2018-12238
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 pueden ser susceptibles a un problema de omisión de antivirus, que es un tipo de explotación que sirve para eludir uno de los motores de detección de virus y así evitar un tipo de protección antivirus específico. Uno de los motores antivirus depende de un patrón de firma de una base de datos para identificar archivos maliciosos y virus; la explotación de omisión de antivirus busca alterar el archivo que se está analizando para que no sea detectado. • http://www.securityfocus.com/bid/105917 https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html •
CVE-2018-12239
https://notcve.org/view.php?id=CVE-2018-12239
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 puede ser susceptible a un problema de omisión de antivirus, que es un tipo de explotación que sirve para eludir uno de los motores de detección de virus y así evitar un tipo de protección antivirus específico. Uno de los motores antivirus depende de un patrón de firma de una base de datos para identificar archivos maliciosos y virus; la explotación de omisión de antivirus busca alterar el archivo que se está analizando para que no sea detectado. • http://www.securityfocus.com/bid/105918 https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html •
CVE-2007-3800
https://notcve.org/view.php?id=CVE-2007-3800
Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client Security 2.0 through 3.1, when the Notification Message window is enabled, allows local users to gain privileges via crafted code. Vulnerabilidad no especificada en el componente Real-time scanner (RTVScan) en Symantec AntiVirus Corporate Edition 9.0 hasta la 10.1 y Client Security 2.0 hasta la 3.1, cuando la ventana Notification Message está activada, permite a usuarios locales ganar privilegios a través de código manipulado. • http://osvdb.org/36116 http://secunia.com/advisories/26054 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html http://www.securityfocus.com/bid/24810 http://www.vupen.com/english/advisories/2007/2506 https://exchange.xforce.ibmcloud.com/vulnerabilities/35352 •
CVE-2006-4855 – Symantec (Multiple Products) - 'SymEvent' Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2006-4855
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data. El driver \Device\SymEvent en Symantec Norton Personal Firewall 2006 9.1.0.33, y otras versiones del Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, y 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0 y 10.1, Symantec pcAnywhere 11.5 y Symantec Host, permite a usuarios locales provocar una denegación de servicio (caída del sistema) vía una información inválida, como ha sido demostrado llamando a DeviceIoControl para enviar la información. • https://www.exploit-db.com/exploits/28588 http://secunia.com/advisories/21938 http://securityreason.com/securityalert/1591 http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html http://securitytracker.com/id?1016889 http://securitytracker.com/id?1016892 http://securitytracker.com/id?1016893 http://securitytracker.com/id?1016894 http://securitytracker.com/id? • CWE-399: Resource Management Errors •