CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6329
https://notcve.org/view.php?id=CVE-2017-6329
Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, the application will generally follow a specific search path to locate the DLL. The exploitation of the vulnerability manifests as a simple file write (or potentially an over-write) which results in a foreign executable running under the context of the application. Symantec VIP Access for Desktop en versiones anteriores a la 2.2.4 puede ser susceptible a una vulnerabilidad de precarga de DLL. • http://www.securityfocus.com/bid/100200 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170821_00 • CWE-427: Uncontrolled Search Path Element •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-6328 – Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2017-6328
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser. Symantec Messaging Gateway en versiones anteriores a la 10.6.3-267 puede encontrarse con un problema de tipo cross site request forgery (también conocido como ataque en un clic y abreviado como CSRF o XSRF), que es un tipo de exploit malicioso de un sitio web en el que un usuario en el que confía la aplicación web transmite comandos sin autorización. Un ataque CSRF intenta explotar la confianza que un sitio web específico tiene en el navegador de un usuario. • https://www.exploit-db.com/exploits/42613 http://www.securityfocus.com/bid/100136 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 17%CPEs: 1EXPL: 1CVE-2017-6327 – Symantec Messaging Gateway Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-6327
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges. En versiones anteriores a la 10.6.3-267 de Symantec Messaging Gateway puede encontrarse un problema de ejecución remota de código que describe una situación en la que un individuo puede conseguir ejecutar comandos de forma remota en una máquina objetivo o en un proceso objetivo. En esta situación, tras haber obtenido el acceso al sistema, el atacante podría intentar elevar sus privilegios. Symantec Messaging Gateway versions 10.6.3-2 and below suffer from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/42519 http://seclists.org/fulldisclosure/2017/Aug/28 http://www.securityfocus.com/bid/100135 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00 •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6325
https://notcve.org/view.php?id=CVE-2017-6325
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application. El producto Symantec Messaging Gateway, puede detectar una vulnerabilidad de inclusión de archivos, que es un tipo de vulnerabilidad que comúnmente afecta a las aplicaciones web que dependen de un tiempo de ejecución de scripting. • http://www.securityfocus.com/bid/98890 http://www.securitytracker.com/id/1038785 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170621_00 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6324
https://notcve.org/view.php?id=CVE-2017-6324
The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. This constitutes a 'bypass' of the disarm functionality resident to the application. El producto Symantec Messaging Gateway, cuando procesa un archivo adjunto de correo electrónico específico, puede permitir que un archivo de Word malformado o corrupto con una macro potencialmente maliciosa a pesar de que el administrador tiene habilitada la funcionalidad “disarm”. Esto constituye un “bypass” de la funcionalidad disarm residente en la aplicación. • http://www.securityfocus.com/bid/98889 http://www.securitytracker.com/id/1038785 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170621_00 •