Page 80 of 598 results (0.009 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-5126

https://notcve.org/view.php?id=CVE-2007-5126

Unspecified vulnerability in the client in Symantec Veritas Backup Exec for Windows Servers 11d has unknown impact and remote attack vectors. NOTE: this information is based upon a vague advisory by a vulnerability information sales organization that does not coordinate with vendors or release actionable advisories. A CVE has been assigned for tracking purposes, but duplicates with other CVEs are difficult to determine. Vulnerabilidad no especificada en el cliente de Symantec Veritas Backup Exec para Windows Servers 11d tiene impacto desconocido y vectores de ataque remotos. NOTA: esta información se basa en un aviso vago de una organización de venta de información de vulnerabilidades que no se coordina con fabricantes o avisos accionables de versiones. Se ha asignado un identificador CVE por motivos de seguimiento, pero es difícil determinar duplicados con otros CVEs. • http://osvdb.org/45522 http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147 http://www.securityfocus.com/bid/25793 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-5047

https://notcve.org/view.php?id=CVE-2007-5047

Norton Internet Security 2008 15.0.0.60 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via the NtOpenSection kernel SSDT hook. NOTE: the NtCreateMutant and NtOpenEvent function hooks are already covered by CVE-2007-1793. Norton Internet Security 2008 15.0.0.60 no valida de forma adecuada ciertos parámetros en los manejadores de la función System Service Descriptor Table (SSDT), el cual permite a usuarios locales provocar denegación de servicio (caida) y posiblemente ganar privilegios a través del secuestro de NtOpenSection kernel SSDT. NOTA: las funciones NtCreateMutant y NtOpenEvent están cubiertas por CVE-2007-1793. • http://osvdb.org/45897 http://securityreason.com/securityalert/3161 http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php http://www.securityfocus.com/archive/1/479830/100/0/threaded • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 80%CPEs: 1EXPL: 0

CVE-2007-4422

https://notcve.org/view.php?id=CVE-2007-4422

The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames. La interfaz de inicio de sesión en Symantec Enterprise Firewall 6.x, cuando está habilitada la VPN con autenticación por clave compartida previamente (pre-shared key o PSK), genera diferentes respuestas dependiendo de si un nombre de usuario es válido o no, lo cual permite a atacantes remotos enumerar nombres de usuario válidos. • http://secunia.com/advisories/26511 http://www.osvdb.org/36489 http://www.securityfocus.com/bid/25338 http://www.securitytracker.com/id?1018578 http://www.symantec.com/avcenter/security/Content/2007.08.16.html http://www.vupen.com/english/advisories/2007/2909 https://exchange.xforce.ibmcloud.com/vulnerabilities/36081 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-4380

https://notcve.org/view.php?id=CVE-2007-4380

Aclient in Symantec Altiris Deployment Solution 6 before 6.8 SP2 (6.8.378) allows local users to gain local System privileges via the Log File Viewer. Aclient en Symantec Altiris Deployment Solution 6 anterior a 6.8 SP2 (6.8.378) permite a usuarios locales obtener privilegios de System en local mediante el Visor de Archivos de Registro (Log File Viewer). • http://secunia.com/advisories/26435 http://securityresponse.symantec.com/avcenter/security/Content/2007.08.13.html http://www.irmplc.com/index.php/111-Vendor-Alerts http://www.irmplc.com/index.php/152-Advisory-022 http://www.securityfocus.com/bid/25232 http://www.securitytracker.com/id?1018552 http://www.vupen.com/english/advisories/2007/2879 https://exchange.xforce.ibmcloud.com/vulnerabilities/36004 •

CVSS: 6.8EPSS: 84%CPEs: 4EXPL: 0

CVE-2007-2955

https://notcve.org/view.php?id=CVE-2007-2955

Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA. Múltiples vulnerabilidades de "errores de validación de entrada" sin especificar en múltiples controles ActiveX en el NavComUI.dll, como el utilizado en el AntiVirus Norton, Internet Security y los productos System Works para 2006, permiten a atacantes remotos ejecutar código de su elección a través de (1) la propiedad AnomalyList del AxSysListView32 y (2) la propiedad Anomaly del AxSysListView32OAA. • http://secunia.com/advisories/25215 http://secunia.com/secunia_research/2007-53/advisory http://www.securityfocus.com/bid/24983 http://www.securitytracker.com/id?1018545 http://www.securitytracker.com/id?1018546 http://www.securitytracker.com/id?1018547 http://www.symantec.com/avcenter/security/Content/2007.08.09.html http://www.vupen.com/english/advisories/2007/2822 https://exchange.xforce.ibmcloud.com/vulnerabilities/35944 •