CVSS: 9.6EPSS: 1%CPEs: 1EXPL: 0CVE-2024-23617 – Symantec Data Loss Prevention Buffer Overflow
https://notcve.org/view.php?id=CVE-2024-23617
25 Jan 2024 — A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution. Existe una vulnerabilidad de desbordamiento de búfer en Symantec Data Loss Prevention versión 14.0.2 y anteriores. Un atacante remoto y no autenticado puede aprovechar esta vulnerabilidad incitando a un usuario a abrir un documento manipulado para lograr la ejecución del có... • https://blog.exodusintel.com/2024/01/25/symantec-data-loss-prevention-wp6sr-dll-stack-buffer-overflow-remote-code-execution • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.6EPSS: 1%CPEs: 7EXPL: 0CVE-2015-8799
https://notcve.org/view.php?id=CVE-2015-8799
08 Jun 2016 — Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated use... • http://www.securityfocus.com/bid/90885 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •