CVSS: 7.9EPSS: 17%CPEs: 5EXPL: 1CVE-2013-1612 – Symantec Endpoint Protection Manager 12.1.x - Overflow (SEH) (PoC)
https://notcve.org/view.php?id=CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en secars.dll en la consola de gestión en Symantec Endpoint Protection Manager (SEPM) v12.1.x y Symantec Endpoint Protection Center (SPC) Small Business Edition v12.0.x, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • https://www.exploit-db.com/exploits/33056 http://www.securityfocus.com/bid/60542 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20130618_00 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1611
https://notcve.org/view.php?id=CVE-2013-1611
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidades de secuencias de comandos entre sitios múltiples (XSS) en las interfaces administrativas en la consola de gestión en Symantec Brightmail Gateway v9.5.x que permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML a través de vectores no especificados • http://www.securityfocus.com/bid/59700 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130508_00 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1608
https://notcve.org/view.php?id=CVE-2013-1608
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en Management Console del appliance Symantec NetBackup (NBU) v2.0.x, permite a atacantes remotos leer archivos de su elección a través de vectores no especificados. • http://www.securityfocus.com/bid/58542 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130320_00 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2013-1609
https://notcve.org/view.php?id=CVE-2013-1609
Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program. Múltiples vulnerabilidades de ruta no confiable en la búsqueda no literal de Windows en los servicios (1) File Collector y (2) File PlaceHolder en Symantec Enterprise Vault (EV) para File System Archiving anterior a v9.0.4 y v10.x anterior a v10.0.1, permite a usuarios locales obtener privilegios a través de un programa tipo troyano. • http://www.securityfocus.com/bid/58617 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00 •
CVSS: 4.4EPSS: 0%CPEs: 12EXPL: 1CVE-2012-6533 – Symantec Encryption Desktop 10 - Local Buffer Overflow / Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2012-6533
Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application. Desbordamiento de buffer en pgpwded.sys del Symantec PGP Desktop v10.x and Encryption Desktop v10.3.0 antes de MP1 en Windows XP y Server 2003 que permite a usuarios locales escalar privilegios por medio de aplicaciones creadas para este propósito. • https://www.exploit-db.com/exploits/38299 http://www.securityfocus.com/bid/57835 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2013&suid=20130213_00 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •