CVSS: 7.5EPSS: 12%CPEs: 9EXPL: 0CVE-2004-0369
https://notcve.org/view.php?id=CVE-2004-0369
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. • http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html http://www.auscert.org.au/render.html?it=4339 http://www.ciac.org/ciac/bulletins/o-206.shtml http://www.securityfocus.com/bid/11039 http://xforce.iss.net/xforce/alerts/id/181 https://exchange.xforce.ibmcloud.com/vulnerabilities/15669 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2CVE-2004-0192 – Symantec Gateway Security 5400 Series 2.0 - Error Page Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2004-0192
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el Servicio de Administración de Symantec Gateway Security 2.0 permite a atacantes remotos robar cookies y secuestrar una sesión de administración mediante una URL /smgi que contiene un script malicioso, que no es puesto entre comillas en la página de error resultante. • https://www.exploit-db.com/exploits/23764 http://marc.info/?l=bugtraq&m=107790684732458&w=2 http://www.securityfocus.com/bid/9755 https://exchange.xforce.ibmcloud.com/vulnerabilities/15330 •