CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2006-4802
https://notcve.org/view.php?id=CVE-2006-4802
14 Sep 2006 — Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor. Vulnerabilidad de formato de cadena en el servicio Real Time Virus Scan de Symantec AntiVirus Corporate Edition 8.1 a la 10.0, y Client Security... • http://secunia.com/advisories/21884 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2006-3454
https://notcve.org/view.php?id=CVE-2006-3454
14 Sep 2006 — Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages. Múltiples vulnerabilidades de cadenas de formato en Symantec AntiVirus Corporate Edition 8.1 hasta 10.0, y Client Security 1.x hasta 3.0, permiten a usuarios locales ejecutar código de su elección mediante cadenas de formato en (1) Protección de Alter... • http://layereddefense.com/SAV13SEPT.html •
CVSS: 8.8EPSS: 10%CPEs: 49EXPL: 0CVE-2005-0249
https://notcve.org/view.php?id=CVE-2005-0249
08 Feb 2005 — Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. • http://securitytracker.com/id?1013133 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0920
https://notcve.org/view.php?id=CVE-2004-0920
06 Oct 2004 — Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name. Symantec Norton Antivirus 2004 y versiones anteriores permiten a un virus u otro código malicioso evitar ser detectados o causar una denegación de servicio (caída de aplicación) usando un nombre de fichero que contenga un nombre de dispositivo de MS-DOS. • http://www.idefense.com/application/poi/display?id=147&type=vulnerabilities •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2000-0238
https://notcve.org/view.php?id=CVE-2000-0238
17 Mar 2000 — Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. • http://www.securityfocus.com/bid/1064 •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1323
https://notcve.org/view.php?id=CVE-1999-1323
09 Apr 1999 — Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. • http://marc.info/?l=ntbugtraq&m=92370067416739&w=2 •