Page 5 of 39 results (0.004 seconds)

CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. Norton en versiones anteriores a la 22.15; Symantec Endpoint Protection (SEP) en versiones anteriores a la 12.1.7454.7000 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) en versiones anteriores a la NIS-22.15.1.8 SEP-12.1.7454.7000; y Symantec Endpoint Protection Cloud (SEP Cloud) en versiones anteriores a la 22.15.1 puede ser susceptible a un problema de omisión de antivirus, que es un tipo de explotación que sirve para eludir uno de los motores de detección de virus y así evitar un tipo de protección antivirus específico. Uno de los motores antivirus depende de un patrón de firma de una base de datos para identificar archivos maliciosos y virus; la explotación de omisión de antivirus busca alterar el archivo que se está analizando para que no sea detectado. • http://www.securityfocus.com/bid/105918 https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. Symantec Endpoint Protection, en versiones anteriores a 14 RU1 MP1 o 12.1 RU6 MP10, podría ser susceptible a una vulnerabilidad de escalado de privilegios. Este tipo de problema permite que un usuario obtenga accesos elevados a recursos que, normalmente, suelen estar protegidos en niveles de acceso más bajos. • http://www.securityfocus.com/bid/104199 http://www.securitytracker.com/id/1041180 https://support.symantec.com/en_US/article.SYMSA1454.html •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events. Symantec Endpoint Protection en versiones anteriores a la 14 RU1 MP1 o 12.1 RU6 MP10 podría ser vulnerable a una condición de carrera may be susceptible to a race condition (o condición de secuencia). Este tipo de problema ocurre en software cuando la salida depende de la secuencia o de la sincronización de otros eventos que no pueden controlarse. • http://www.securityfocus.com/bid/104198 http://www.securitytracker.com/id/1041180 https://support.symantec.com/en_US/article.SYMSA1454.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client. Los clientes de Symantec Endpoint Protection colocan el malware detectado en cuarentena como parte de la funcionalidad planeada del producto. • http://www.securityfocus.com/bid/96298 http://www.securitytracker.com/id/1037961 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 • CWE-20: Improper Input Validation •

CVSS: 7.0EPSS: 0%CPEs: 8EXPL: 0

A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. • http://www.securityfocus.com/bid/96294 http://www.securitytracker.com/id/1037961 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170306_00 • CWE-20: Improper Input Validation •