CVSS: 9.3EPSS: 97%CPEs: 37EXPL: 1CVE-2009-1430 – Symantec Multiple Product Intel Alert Originator Service Invalid Length Check Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1430
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process. Desbordamiento múltiple de búfer basado en pila en IAO.EXE en el Intel Alert Originator Service en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anterior a v9.0 MR7, v10.0 y v10.1 anterior a v10.1 MR8, y v10.2 anterior a v10.2 MR2; Symantec Client Security (SCS) v2 anterior a v2.0 MR7 y v3 anterior a v3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a v11.0 MR3, permite a atacantes remotos ejecutar código arbitrario a través de (1) un paquete elaborado o (2) los datos que aparentemente se reciban a del proceso MsgSys.exe. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec AntiVirus Corporate Edition, Symantec Client Security and Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaws are exposed via the MsgSys.exe process that listens by default on TCP port 38929. This process forwards requests to the Intel Originator Service (ioa.exe) process. • https://www.exploit-db.com/exploits/16826 http://secunia.com/advisories/34856 http://www.securityfocus.com/archive/1/503080/100/0/threaded http://www.securityfocus.com/bid/34672 http://www.securityfocus.com/bid/34674 http://www.securitytracker.com/id?1022130 http://www.securitytracker.com/id?1022131 http://www.securitytracker.com/id?1022132 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.0EPSS: 0%CPEs: 7EXPL: 0CVE-2007-5829
https://notcve.org/view.php?id=CVE-2007-5829
The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions (group writable), which allows local admin users to gain root privileges by replacing unspecified files, which are executed when a user with physical access inserts a disk and the "Show Progress During Mount Scans" option is enabled. El escáner Disk Mount en Symantec AntiVirus para Macintosh versiones 9.x y 10.x, Norton AntiVirus para Macintosh versiones 10.0 y 10.1 y Norton Internet Security para Macintosh versiones 3.x , usa un directorio con permisos débiles (grupo grabable), que permite a usuarios administradores locales alcanzar privilegios de root mediante la sustitución de archivos no especificados, que se ejecutan cuando un usuario con acceso físico inserta un disco y la opción "Show Progress During Mount Scans" está habilitada. • http://osvdb.org/40864 http://secunia.com/advisories/27488 http://securityresponse.symantec.com/avcenter/security/Content/2007.11.02.html http://securitytracker.com/id?1018889 http://securitytracker.com/id?1018890 http://www.securityfocus.com/bid/26253 http://www.vupen.com/english/advisories/2007/3698 https://exchange.xforce.ibmcloud.com/vulnerabilities/38229 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 25EXPL: 2CVE-2007-3673 – Symantec AntiVirus - 'symtdi.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-3673
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite. Symantec symtdi.sys versiones anteriores a 7.0.0, tal y como se distribuye en Symantec AntiVirus Corporate Edition 9 hata 10.1 y Client Security 2.0 hasta 3.1, Norton AntiSpam 2005, y Norton AntiVirus, Internet Security, Personal Firewall, y System Works 2005 y 2006; permite a usuarios locales obtener privilegios mediante un Interrupt Request Packet (Irp) manipulado en una petición IOCTL 0x83022323 a \\symTDI\, que resulta en una sobre-escritura de memoria. • https://www.exploit-db.com/exploits/4178 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554 http://osvdb.org/36117 http://secunia.com/advisories/26042 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html http://securitytracker.com/id?1018372 http://www.securityfocus.com/bid/22351 http://www.vupen.com/english/advisories/2007/2507 https://exchange.xforce.ibmcloud.com/vulnerabilities/35347 •
CVSS: 9.3EPSS: 18%CPEs: 168EXPL: 0CVE-2007-0447 – Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0447
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. Desbordamiento de búfer basado en pila en el componente Decomposer en múltiples producto Symantec que permiten a atacantes remotos ejecutar código de su elección a través de archivos .CAB manipulados. This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption. • http://osvdb.org/36118 http://secunia.com/advisories/26053 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html http://www.securityfocus.com/bid/24282 http://www.vupen.com/english/advisories/2007/2508 http://www.zerodayinitiative.com/advisories/ZDI-07-040.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 15%CPEs: 168EXPL: 0CVE-2007-3699 – Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
https://notcve.org/view.php?id=CVE-2007-3699
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. El componente Decomposer en múltiples productos Symantec permite a atacantes remotos provocar denegación de servicio (bucles infinitos) a través de ciertos valores en el campo PACK_SIZE de una cabecera de archivo RAR. This vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of the Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. By setting this field to a specific value an infinite loop denial of service condition will occur when the scanner processes the file. • http://osvdb.org/36119 http://secunia.com/advisories/26053 http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html http://www.securityfocus.com/bid/24282 http://www.vupen.com/english/advisories/2007/2508 http://www.zerodayinitiative.com/advisories/ZDI-07-039.html •