CVSS: 9.3EPSS: 9%CPEs: 10EXPL: 0CVE-2012-4953
https://notcve.org/view.php?id=CVE-2012-4953
14 Nov 2012 — The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. El motor de descomposición en Symantec Endpoint Protection (SEP) v11.0, Symantec Endpo... • http://www.kb.cert.org/vuls/id/985625 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0CVE-2012-1821
https://notcve.org/view.php?id=CVE-2012-1821
24 May 2012 — The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic. El módulo Network Threat Protection en Manager component en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.700x en Windows Server 2003 permite a atacantes remotos causar una de... • http://osvdb.org/82147 •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 2CVE-2012-0289 – Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-0289
23 May 2012 — Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script. Desbordamiento de búfer en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.710x y Symantec Network Access Control (SNAC) v11.0.600x hasta v11.0.710x, permite a usuarios locales obtener privilegios, y modificar los datos o causar una denegació... • https://www.exploit-db.com/exploits/18916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2012-0294
https://notcve.org/view.php?id=CVE-2012-0294
23 May 2012 — Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors. Vulnerabilidad de salto de directorio en el Servicio Manager en la consola de administracion en Symantec Endpoint Protection (SEP) v12.1 anterior a v12.1 RU1-MP1 permite a atacantes remotos eliminar ficheros mediante vectores desconocidos. • http://www.securityfocus.com/bid/53182 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 6%CPEs: 3EXPL: 0CVE-2012-0295
https://notcve.org/view.php?id=CVE-2012-0295
23 May 2012 — The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294. El servicio The Manager de la consola de administración de Symantec Endpoint Protection (SEP) v12.1 anterior a 12.1 RU1-MP1 permite a atacantes remotos realizar ataques de inserción de archivos y ejecutar código arbitrario mediante el aprovechamiento de la explotación de C... • http://www.securityfocus.com/bid/53183 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-1421
https://notcve.org/view.php?id=CVE-2012-1421
21 Mar 2012 — The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. El analizador de archivos TAR en Quick Heal ... • http://osvdb.org/80409 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 60%CPEs: 16EXPL: 0CVE-2012-1425
https://notcve.org/view.php?id=CVE-2012-1425
21 Mar 2012 — The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Prote... • http://osvdb.org/80389 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 56%CPEs: 36EXPL: 0CVE-2012-1443
https://notcve.org/view.php?id=CVE-2012-1443
21 Mar 2012 — The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky An... • http://osvdb.org/80454 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 3%CPEs: 14EXPL: 0CVE-2012-1446
https://notcve.org/view.php?id=CVE-2012-1446
21 Mar 2012 — The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attac... • http://osvdb.org/80426 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 27%CPEs: 20EXPL: 0CVE-2012-1456
https://notcve.org/view.php?id=CVE-2012-1456
21 Mar 2012 — The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, Rising Ant... • http://osvdb.org/80389 • CWE-264: Permissions, Privileges, and Access Controls •