CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6588
https://notcve.org/view.php?id=CVE-2016-6588
08 Jan 2020 — A Cross-Site Scripting (XSS) vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0. Existe una vulnerabilidad de tipo Cross-Site Scripting (XSS) en la consola del administrador de procesos de flujo de trabajo de ITMS en Symantec IT Management Suite versión 8.0. • http://www.securityfocus.com/bid/93952 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6589
https://notcve.org/view.php?id=CVE-2016-6589
08 Jan 2020 — A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0. Existe una vulnerabilidad de Denegación de Servicio en la ventana de inicio de sesión del administrador de procesos de flujo de trabajo de ITMS en Symantec IT Management Suite versión 8.0. • http://www.securityfocus.com/bid/93951 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-6590
https://notcve.org/view.php?id=CVE-2016-6590
08 Jan 2020 — A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code. Existe una vulnerabilidad de escalada de privilegios cuando se cargan bibliotecas DLL durante el arranque y el rein... • http://www.securityfocus.com/bid/94279 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2202
https://notcve.org/view.php?id=CVE-2016-2202
20 Apr 2016 — The Inventory Solution component in the Management Agent in the client in Symantec Altiris IT Management Suite (ITMS) through 7.6 HF7 allows local users to bypass intended application-blacklist restrictions via unspecified vectors. El componente Inventory Solution en Management Agent en el cliente en Symantec Altiris IT Management Suite (ITMS) hasta la versión 7.6 HF7 permite a usuarios locales eludir las restricciones destinadas a la lista negra de aplicaciones a través de vectores no especificados. • http://www.securityfocus.com/bid/85778 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 6%CPEs: 23EXPL: 3CVE-2012-0292 – pcAnywhere 12.5.0 build 463 - Denial of Service
https://notcve.org/view.php?id=CVE-2012-0292
08 Mar 2012 — The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631. El servicio awhost32 en Symantec pcAnywhere hasta v12.5.3, Altiris IT Managemen... • https://www.exploit-db.com/exploits/18493 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2012-0291
https://notcve.org/view.php?id=CVE-2012-0291
22 Feb 2012 — Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response. Symantec pcAnywhere hasta la v1... • http://secunia.com/advisories/48092 • CWE-20: Improper Input Validation •