CVE-2016-2207 – Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions
https://notcve.org/view.php?id=CVE-2016-2207
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression. El motor AntiVirus Decomposer en Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x hasta la versión 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) en versiones anteriores a 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) para Linux en versiones anteriores a 12.1 RU6 MP5; Symantec Protection Engine (SPE) en veriones anteriores a 7.0.5 HF01, 7.5.x en versiones anteriores a 7.5.3 HF03, 7.5.4 en versiones anteriores a HF01 y 7.8.0 en versiones anteriores a HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 hasta la versión 6.0.5 en versiones anteriores a 6.0.5 HF 1.5 y 6.0.6 en versiones anteriores a HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) en versiones anteriores a 7.0_3966002 HF1.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) en versiones anteriores a 8.0.9 HF1.1 y 8.1.x en versiones anteriores a 8.1.3 HF1.2; CSAPI en versiones anteriores a 10.0.4 HF01; Symantec Message Gateway (SMG) en versiones anteriores a 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 en versiones anteriores a patch 254 y 10.6 en versiones anteriores a patch 253; Norton AntiVirus, Norton Security, Norton Internet Security y Norton 360 en versiones anteriores a NGC 22.7; Norton Security para Mac en versiones anteriores a 13.0.2; Norton Power Eraser (NPE) en versiones anteriores a 5.1; y Norton Bootable Removal Tool (NBRT) en versiones anteriores a 2016.1 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (violación de acceso a memoria) a través de un archivo RAR manipulado que es manejado incorrectamente durante la descompresión. Symantec Antivirus version 5.3.11 suffers from multiple remote memory corruption vulnerabilities when unpacking RAR files. • https://www.exploit-db.com/exploits/40031 http://www.securityfocus.com/bid/91434 http://www.securitytracker.com/id/1036198 http://www.securitytracker.com/id/1036199 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 • CWE-20: Improper Input Validation •
CVE-2010-3887
https://notcve.org/view.php?id=CVE-2010-3887
The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not properly enforce the correspondence whitelist, which allows remote attackers to bypass intended access restrictions and conduct e-mail communication by leveraging knowledge of a child's e-mail address and a parent's e-mail address, related to parental notification of unapproved e-mail addresses. La característica 'límite de correo' en la funcionalidad control parental en la aplicación Mail de Apple Mac OS X no aplica correctamente la lista blanca de la correspondencia, lo que permite a atacantes remotos evitar determinadas restricciones de acceso y llevar a cabo una comunicación por correo electrónico aprovechandose de que se conoce una dirección de correo electrónico de un niño y de un padre. Esta vulnerabilidad esta relacionada con la notificación a los padres de las direcciones de correo electrónico no aprobadas. • http://blog.kamens.us/2010/08/03/mac-os-x-mail-parental-controls-vulnerability • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4491
https://notcve.org/view.php?id=CVE-2008-4491
Apple Mail.app 3.5 on Mac OS X, when "Store draft messages on the server" is enabled, stores draft copies of S/MIME email in plaintext on the email server, which allows server owners and remote man-in-the-middle attackers to read sensitive mail. Apple Mail.app v3.5 en Mac OS X, cuando está habilitado "Guardar los borradores en el servidor", guarda los borradores del correo electrónico S/MIME en texto plano en el servidor de correo, esto permite a los propietarios del servidor y a atacantes de tipo "hombre en el medio" (man-in-the-middle) leer los borradores. • http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory http://resources.enablesecurity.com/advisories/apple-mailapp-smime.txt http://securityreason.com/securityalert/4363 http://www.securityfocus.com/archive/1/497057/100/0/threaded http://www.securityfocus.com/bid/31598 http://www.securitytracker.com/id?1021019 https://exchange.xforce.ibmcloud.com/vulnerabilities/45688 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-0039
https://notcve.org/view.php?id=CVE-2008-0039
Unspecified vulnerability in Mail in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary commands via a crafted file:// URL. Vulnerabilidad sin especificar en Apple Mail de Mac OS X 10.4.11 permite a atacantes remotos ejecutar comandos de su elección a través de un file:// URL manipulado. • http://docs.info.apple.com/article.html?artnum=307430 http://lists.apple.com/archives/security-announce/2008/Feb/msg00002.html http://secunia.com/advisories/28891 http://www.securityfocus.com/bid/27736 http://www.securitytracker.com/id?1019361 http://www.us-cert.gov/cas/techalerts/TA08-043B.html http://www.vupen.com/english/advisories/2008/0495/references • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2005-2512
https://notcve.org/view.php?id=CVE-2005-2512
Mail.app in Mac OS 10.4.2 and earlier, when printing or forwarding an HTML message, loads remote images even when the user's preferences state otherwise, which could result in a privacy leak. • http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html •