CVSS: 9.3EPSS: 3%CPEs: 10EXPL: 0CVE-2012-6277
https://notcve.org/view.php?id=CVE-2012-6277
21 Feb 2020 — Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of unde... • https://support.symantec.com/us/en/article.symsa1262.html •
CVSS: 4.8EPSS: 1%CPEs: 15EXPL: 2CVE-2019-9701 – Symantec DLP 15.5 MP1 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-9701
19 Jun 2019 — DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. DLP versión 15.5 MP1 y todas las versiones anteriores puede ser susceptible a una vulnerabilidad de tipo cross site scripting (XSS), que es un tipo de problema que puede permitir a... • https://packetstorm.news/files/id/153512 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0CVE-2014-9230
https://notcve.org/view.php?id=CVE-2014-9230
28 Jun 2015 — Cross-site scripting (XSS) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en la consola de administración en Enforce Server en Symantec Data Loss Prevention (DLP) anterior a 12.5.2 permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a través de vectores no especificados. • http://www.securityfocus.com/bid/75288 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-1485
https://notcve.org/view.php?id=CVE-2015-1485
28 Jun 2015 — Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators. Vulnerabilidad de CSRF en la consola de administración en Enforce Server en Symantec Data Loss Prevention (DLP) anterior a 12.5.2 permite a atacantes remotos secuestrar la autenticación de administradores. • http://www.securityfocus.com/bid/75289 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 10%CPEs: 24EXPL: 0CVE-2011-0548
https://notcve.org/view.php?id=CVE-2011-0548
18 Jul 2011 — Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .prz file. NOTE: this may overlap CVE-2011-1217. Desbordamiento de búfer en Lotus Freelance Graphics PRZ file viewer... • http://secunia.com/advisories/44779 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 1CVE-2009-3032
https://notcve.org/view.php?id=CVE-2009-3032
05 Mar 2010 — Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow. Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 16%CPEs: 70EXPL: 0CVE-2009-3037
https://notcve.org/view.php?id=CVE-2009-3037
01 Sep 2009 — Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to execute arbitrary code via a crafted .xls spreadsheet attachment. Desbordamiento de búfer en xlssr.dll en Autonomy KeyView XLS viewer(también conocido como File Viewer para Excel)usado en IBM Lotus Notes v5.x hasta v8.5.x, Symantec Ma... • http://secunia.com/advisories/36472 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 43%CPEs: 67EXPL: 0CVE-2008-4564
https://notcve.org/view.php?id=CVE-2008-4564
18 Mar 2009 — Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute arbitrary code via a crafted Word Perfect Document (WPD) file. Desbordamiento de búfer basado en pila en wp6sr.dll en el Autonomy KeyView SDK 10.4 y anteriores, como es usado en IBM Lotus Notes, productos Symantec Mail Security (SMS)... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=774 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •