NotCVE - vendor:"Symantec" product:"Norton Security" version:"

10 results (0.018 seconds)

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2016-5311

https://notcve.org/view.php?id=CVE-2016-5311

09 Jan 2020 — A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Nor... • http://www.securityfocus.com/bid/94295 • CWE-427: Uncontrolled Search Path Element •

CVSS: 6.5EPSS: 0%CPEs: 53EXPL: 0

CVE-2018-18366

https://notcve.org/view.php?id=CVE-2018-18366

25 Apr 2019 — Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory. Symantec Norton Security, versiones anteriores a 22.16.3, SEP (cliente Windows) versiones anteriores e incluyendo... • http://www.securityfocus.com/bid/107994 • CWE-908: Use of Uninitialized Resource •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

CVE-2018-18369

https://notcve.org/view.php?id=CVE-2018-18369

25 Apr 2019 — Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Norton Security (cliente de Windows) anterior a la versión 22.16.3 y SEP SBE (cliente de Windows) anterior a las versiones Cloud Agent 3.00.31.2817, NIS-22.... • http://www.securityfocus.com/bid/107997 • CWE-426: Untrusted Search Path •

CVSS: 9.3EPSS: 11%CPEs: 44EXPL: 1

CVE-2016-2211 – Symantec Antivirus MSPACK Unpacking Memory Corruption

https://notcve.org/view.php?id=CVE-2016-2211

29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137708 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 11%CPEs: 44EXPL: 2

CVE-2016-2209 – Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2016-2209

29 Jun 2016 — Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sha... • https://packetstorm.news/files/id/137712 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 6%CPEs: 37EXPL: 2

CVE-2016-3645 – Symantec AntiVirus - TNEF Decoder Integer Overflow

https://notcve.org/view.php?id=CVE-2016-3645

29 Jun 2016 — Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection... • https://packetstorm.news/files/id/137710 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 31%CPEs: 37EXPL: 2

CVE-2016-3646 – Symantec AntiVirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink

https://notcve.org/view.php?id=CVE-2016-3646

CVSS: 10.0EPSS: 26%CPEs: 37EXPL: 2

CVE-2016-3644 – Symantec AntiVirus - Heap Overflow Modifying MIME Messages

https://notcve.org/view.php?id=CVE-2016-3644

CVSS: 10.0EPSS: 73%CPEs: 44EXPL: 2

CVE-2016-2207 – Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions

https://notcve.org/view.php?id=CVE-2016-2207

CVSS: 9.0EPSS: 11%CPEs: 44EXPL: 2

CVE-2016-2210 – Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2016-2210

29 Jun 2016 — Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sh... • https://packetstorm.news/files/id/137707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •