CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5242
https://notcve.org/view.php?id=CVE-2018-5242
Norton App Lock prior to version 1.3.0.329 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access. Norton App Lock en versiones anteriores a la 1.3.0.329 puede ser susceptible a un exploit de omisión. En este tipo de circunstancia, el exploit puede permitir que el usuario omita la aplicación para evitar que bloquee el dispositivo, permitiendo que esa persona obtenga acceso al dispositivo. • http://www.securityfocus.com/bid/104414 https://support.symantec.com/en_US/article.SYMSA1453.html •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 1CVE-2018-5234 – Norton Core Secure WiFi Router - 'BLE' Command Injection (PoC)
https://notcve.org/view.php?id=CVE-2018-5234
The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software. El router Norton Core en versiones anteriores a la v237 podría ser susceptible a un exploit de inyección de comandos. Este es un tipo de ataque en el que el objetivo es la ejecución de comandos arbitrarios en el sistema host mediante software vulnerable. • https://www.exploit-db.com/exploits/44574 http://www.securityfocus.com/bid/103955 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20180430_00 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9094
https://notcve.org/view.php?id=CVE-2016-9094
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client. Los clientes de Symantec Endpoint Protection colocan el malware detectado en cuarentena como parte de la funcionalidad planeada del producto. • http://www.securityfocus.com/bid/96298 http://www.securitytracker.com/id/1037961 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6323
https://notcve.org/view.php?id=CVE-2017-6323
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. Symantec Management Console, en versiones anteriores a la ITMS 8.1 RU1, ITMS 8.0_POST_HF6 e ITMS 7.6_POST_HF7, tiene un problema por el cual las entradas XML que contienen una referencia a una entidad externa son procesadas por un analizador XML mal configurado. Este ataque podría conducir a la revelación de datos confidenciales, denegación de servicio (DoS), Server-Side Request Forgery, escaneo de puertos desde la perspectiva de la máquina en la que está el analizador y otros impactos del sistema. • http://www.securityfocus.com/bid/98621 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170628_00 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2016-9093
https://notcve.org/view.php?id=CVE-2016-9093
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. • http://www.securityfocus.com/bid/96294 http://www.securitytracker.com/id/1037961 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 • CWE-20: Improper Input Validation •