CVSS: 5.5EPSS: 56%CPEs: 36EXPL: 0CVE-2012-1443
https://notcve.org/view.php?id=CVE-2012-1443
21 Mar 2012 — The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky An... • http://osvdb.org/80454 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 86%CPEs: 29EXPL: 0CVE-2012-1457
https://notcve.org/view.php?id=CVE-2012-1457
21 Mar 2012 — The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning E... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 91%CPEs: 35EXPL: 0CVE-2012-1459
https://notcve.org/view.php?id=CVE-2012-1459
21 Mar 2012 — The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, ... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 2%CPEs: 168EXPL: 0CVE-2007-3699 – Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
https://notcve.org/view.php?id=CVE-2007-3699
12 Jul 2007 — The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. El componente Decomposer en múltiples productos Symantec permite a atacantes remotos provocar denegación de servicio (bucles infinitos) a través de ciertos valores en el campo PACK_SIZE de una cabecera de archivo RAR. This vulnerability allows attackers to create a denial of service condition on software with vuln... • http://osvdb.org/36119 •
CVSS: 9.8EPSS: 10%CPEs: 168EXPL: 0CVE-2007-0447 – Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0447
12 Jul 2007 — Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. Desbordamiento de búfer basado en pila en el componente Decomposer en múltiples producto Symantec que permiten a atacantes remotos ejecutar código de su elección a través de archivos .CAB manipulados. This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. U... • http://osvdb.org/36118 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2006-4562
https://notcve.org/view.php?id=CVE-2006-4562
06 Sep 2006 — The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface ** DISCUTIDO ** El servicio proxy DNS en Symantec Gateway Security (SGS) permite a un atacante remoto hacer consultas DNS de su elección a los servidores DNS de terceras personas, mientras se ... • http://www.securityfocus.com/archive/1/444114/100/100/threaded •
CVSS: 9.8EPSS: 4%CPEs: 11EXPL: 0CVE-2005-3768
https://notcve.org/view.php?id=CVE-2005-3768
23 Nov 2005 — Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. • http://secunia.com/advisories/17684 •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2005-0817
https://notcve.org/view.php?id=CVE-2005-0817
20 Mar 2005 — Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote attackers to poison the DNS cache and redirect users to malicious sites. • http://archives.neohapsis.com/archives/bugtraq/2004-06/0225.html •
CVSS: 8.8EPSS: 10%CPEs: 49EXPL: 0CVE-2005-0249
https://notcve.org/view.php?id=CVE-2005-0249
08 Feb 2005 — Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. • http://securitytracker.com/id?1013133 •
CVSS: 9.8EPSS: 8%CPEs: 9EXPL: 0CVE-2004-0369
https://notcve.org/view.php?id=CVE-2004-0369
31 Dec 2004 — Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. • http://securityresponse.symantec.com/avcenter/security/Content/2004.08.26.html •