CVSS: 8.8EPSS: 74%CPEs: 6EXPL: 6CVE-2013-5015 – Symantec Endpoint Protection Manager - Remote Command Execution
https://notcve.org/view.php?id=CVE-2013-5015
14 Feb 2014 — SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en la consola de gestión en Symantec Endpoint Protection Manager (SEPM) 11.0 anterior a 11.0.7405.1424 y 12.1 anterior a 12.1.4023.4080 y Symante... • https://packetstorm.news/files/id/125366 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 3%CPEs: 5EXPL: 2CVE-2013-1612 – Symantec Endpoint Protection Manager 12.1.x - Overflow (SEH) (PoC)
https://notcve.org/view.php?id=CVE-2013-1612
20 Jun 2013 — Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en secars.dll en la consola de gestión en Symantec Endpoint Protection Manager (SEPM) v12.1.x y Symantec Endpoint Protection Center (SPC) Small Business Edition v12.0.x, lo que permite a atacantes remotos ejecut... • https://packetstorm.news/files/id/126363 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 29%CPEs: 8EXPL: 0CVE-2009-1431
https://notcve.org/view.php?id=CVE-2009-1431
29 Apr 2009 — XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 •
CVSS: 10.0EPSS: 89%CPEs: 37EXPL: 3CVE-2009-1429 – Symantec Multiple Product Intel Alert Originator Service Command Execution Vulnerabilty
https://notcve.org/view.php?id=CVE-2009-1429
28 Apr 2009 — The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafte... • https://www.exploit-db.com/exploits/10340 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 60%CPEs: 37EXPL: 1CVE-2009-1430 – Symantec Multiple Product Intel Alert Originator Service Invalid Length Check Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-1430
28 Apr 2009 — Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attacker... • https://www.exploit-db.com/exploits/16826 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •