CVSS: 5.5EPSS: 7%CPEs: 43EXPL: 2CVE-2016-5309 – Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2016-5309
14 Apr 2017 — The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec ... • https://www.exploit-db.com/exploits/40405 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 9%CPEs: 43EXPL: 2CVE-2016-5310 – Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write
https://notcve.org/view.php?id=CVE-2016-5310
14 Apr 2017 — The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec ... • https://www.exploit-db.com/exploits/40405 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 21%CPEs: 37EXPL: 2CVE-2016-3644 – Symantec AntiVirus - Heap Overflow Modifying MIME Messages
https://notcve.org/view.php?id=CVE-2016-3644
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137709 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 53%CPEs: 37EXPL: 2CVE-2016-3645 – Symantec AntiVirus - TNEF Decoder Integer Overflow
https://notcve.org/view.php?id=CVE-2016-3645
29 Jun 2016 — Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection... • https://packetstorm.news/files/id/137710 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 23%CPEs: 37EXPL: 2CVE-2016-3646 – Symantec AntiVirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
https://notcve.org/view.php?id=CVE-2016-3646
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137711 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 23%CPEs: 44EXPL: 2CVE-2016-2207 – Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions
https://notcve.org/view.php?id=CVE-2016-2207
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137706 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 39%CPEs: 44EXPL: 2CVE-2016-2209 – Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-2209
29 Jun 2016 — Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sha... • https://packetstorm.news/files/id/137712 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 39%CPEs: 44EXPL: 2CVE-2016-2210 – Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-2210
29 Jun 2016 — Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sh... • https://packetstorm.news/files/id/137707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 10%CPEs: 44EXPL: 1CVE-2016-2211 – Symantec Antivirus MSPACK Unpacking Memory Corruption
https://notcve.org/view.php?id=CVE-2016-2211
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137708 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 86%CPEs: 6EXPL: 6CVE-2013-5014 – Symantec Endpoint Protection Manager - Remote Command Execution
https://notcve.org/view.php?id=CVE-2013-5014
14 Feb 2014 — The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. La consola de gestión en Symantec Endpoint Protection Manager (SEPM) 11.0 anteriorm a 11.0.7405.1424 y 12.1 an... • https://packetstorm.news/files/id/125366 •