CVE-2008-5543
https://notcve.org/view.php?id=CVE-2008-5543
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. Symantec AntiVirus (SAV) 10, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detección de malware en un documento HTML colocando una cabecera MZ (alias "EXE info") al principio, y modificar el nombre del archivo a (1 ) sin extensión, (2) una extensión. txt, o (3) una extensión .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745. • http://securityreason.com/securityalert/4723 http://www.securityfocus.com/archive/1/498995/100/0/threaded http://www.securityfocus.com/archive/1/499043/100/0/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 • CWE-20: Improper Input Validation •
CVE-2008-0313
https://notcve.org/view.php?id=CVE-2008-0313
The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote attackers to execute arbitrary code via a remote (1) WebDAV or (2) SMB share. El método ActiveDataInfo.LaunchProcess en el control ActiveX 2.7.0.1 SymAData.ActiveDataInfo.1 en SYMADATA.DLL sobre múltiples productos Symantec Norton incluyendo Norton 360 1.0, AntiVirus 2006 al 2008, Internet Security 2006 al 2008, y System Works 2006 al 2008, no es capaz de determinar correctamente la ubicación de AutoFix Tool, lo que permite a atacantes remotos ejecutar código de su elección a través de un recurso compartido del tipo (1) WebDAV o (2) SMB. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=678 http://secunia.com/advisories/29660 http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html http://www.securityfocus.com/bid/28509 http://www.securitytracker.com/id?1019751 http://www.securitytracker.com/id?1019752 http://www.securitytracker.com/id?1019753 http://www.vupen.com/english/advisories/2008/1077/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41631 •
CVE-2008-0312
https://notcve.org/view.php?id=CVE-2008-0312
Stack-based buffer overflow in the AutoFix Support Tool ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products, including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, allows remote attackers to execute arbitrary code via a long argument to the GetEventLogInfo method. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en pila en el AutoFix Support Tool ActiveX control 2.7.0.1 en SYMADATA.DLL de múltiples productos de Symantec Norton, incluyendo Norton 360 1.0, AntiVirus 2006 hasta 2008, Internet Security 2006 hasta 2008, y System Works 2006 hasta 2008; permite a atacantes remotos ejecutar código de su elección mediante un argumento largo al método GetEventLogInfo. NOTA: Algunos de estos detalles se han obtenido de información de terceros. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=677 http://secunia.com/advisories/29660 http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html http://www.securityfocus.com/bid/28507 http://www.securitytracker.com/id?1019751 http://www.securitytracker.com/id?1019752 http://www.securitytracker.com/id?1019753 http://www.vupen.com/english/advisories/2008/1077/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41629 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0309
https://notcve.org/view.php?id=CVE-2008-0309
Stack-based buffer overflow in Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). Vulnerabilidad de Desbordamiento de búfer basado en pila en Symantec Decomposer incluído en productos como Symantec Scan Engine 5.1.2 y versiones anteriores a 5.1.6.31, que permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (caída de aplicación) a través de un fichero RAR mal formado al puerto (1344/tcp) Internet Content Adaptation Protocol (ICAP) • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=667 http://secunia.com/advisories/29140 http://www.securityfocus.com/bid/27913 http://www.securitytracker.com/id?1019503 http://www.symantec.com/avcenter/security/Content/2008.02.27.html http://www.vupen.com/english/advisories/2008/0680 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0308
https://notcve.org/view.php?id=CVE-2008-0308
Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). Symantec Decomposer, como se usa en ciertos productos antivirus Symantec incluyendo Symantec Scan Engine 5.1.2 y otras versiones antes de 5.1.6.31, permite a atacantes remotos provocar una denegación de servicio (agotamiento de memoria) a través de un archivo RAR mal formado al puerto (1344/tcp) del Internet Content Adaptation Protocol (ICAP) (Protocolo de Adaptación de Contenido de Internet). • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=666 http://secunia.com/advisories/29140 http://www.securityfocus.com/bid/27911 http://www.securitytracker.com/id?1019503 http://www.symantec.com/avcenter/security/Content/2008.02.27.html http://www.vupen.com/english/advisories/2008/0680 • CWE-399: Resource Management Errors •