CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-12239
https://notcve.org/view.php?id=CVE-2018-12239
29 Nov 2018 — Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a datab... • http://www.securityfocus.com/bid/105918 •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-5237
https://notcve.org/view.php?id=CVE-2018-5237
20 Jun 2018 — Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Protection, en versiones anteriores a 14 RU1 MP1 o 12.1 RU6 MP10, podría ser susceptible a una vulnerabilidad de escalado de privilegios. Este tipo de problema permite que un usuario obtenga accesos elevados a recursos que, normalmen... • http://www.securityfocus.com/bid/104199 •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-5236
https://notcve.org/view.php?id=CVE-2018-5236
20 Jun 2018 — Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events. Symantec Endpoint Protection en versiones anteriores a la 14 RU1 MP1 o 12.1 RU6 MP10 podría ser vulnerable a una condición de carrera may be susceptible to a race condition (o condición de secuencia). Este tipo de problema ocurre en software cuando la salida depe... • http://www.securityfocus.com/bid/104198 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0CVE-2016-9093
https://notcve.org/view.php?id=CVE-2016-9093
16 Apr 2018 — A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will... • http://www.securityfocus.com/bid/96294 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-9094
https://notcve.org/view.php?id=CVE-2016-9094
16 Apr 2018 — Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intende... • http://www.securityfocus.com/bid/96298 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 93%CPEs: 1EXPL: 2CVE-2017-6331 – Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass
https://notcve.org/view.php?id=CVE-2017-6331
06 Nov 2017 — Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients. En versiones anteriores a SEP 14 RU1, el producto Symantec Endpoint Protection puede encontrarse con un problema de omisión de protección contra manipulaciones, que es un tipo de ataque que omite la protección en tiempo real para la aplicación que se ejecuta en servidores y cliente... • https://packetstorm.news/files/id/144950 •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-13680
https://notcve.org/view.php?id=CVE-2017-13680
06 Nov 2017 — Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. En versiones anteriores a SEP 12.1 RU6 MP9 SEP 14 RU1, el endpoint Symantec Endpoint Protection Windows puede encontrarse con una situación en la que un atacante podría emplear la interfaz de usuario del producto para realizar borrados no autorizados de archivos en el sistema de archivos... • http://www.securityfocus.com/bid/101503 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-13681
https://notcve.org/view.php?id=CVE-2017-13681
06 Nov 2017 — Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack. Symantec Endpoint Protection, en versiones... • http://www.securityfocus.com/bid/101504 •
CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 2CVE-2016-5309 – Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2016-5309
14 Apr 2017 — The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec ... • https://www.exploit-db.com/exploits/40405 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 43EXPL: 2CVE-2016-5310 – Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2016-5310
14 Apr 2017 — The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec ... • https://www.exploit-db.com/exploits/40405 • CWE-787: Out-of-bounds Write •