CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2016-5311
https://notcve.org/view.php?id=CVE-2016-5311
09 Jan 2020 — A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges. Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Nor... • http://www.securityfocus.com/bid/94295 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2011-3477
https://notcve.org/view.php?id=CVE-2011-3477
19 Feb 2018 — GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors. GEAR Software CD DVD Filter driver (también conocido como GEARAspiWDM.sys), tal y como se usa en Symantec Backup Exec System Recovery 8.5 y BESR 2010, Symantec System Recovery 2011, Norton 360 y Norton Ghost, permite que los usuarios loca... • http://www.securityfocus.com/bid/47822 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 23%CPEs: 44EXPL: 2CVE-2016-2207 – Symantec AntiVirus - Unpacking RAR Multiple Remote Memory Corruptions
https://notcve.org/view.php?id=CVE-2016-2207
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137706 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 39%CPEs: 44EXPL: 2CVE-2016-2209 – Symantec AntiVirus - PowerPoint Misaligned Stream-cache Remote Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-2209
29 Jun 2016 — Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sha... • https://packetstorm.news/files/id/137712 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 39%CPEs: 44EXPL: 2CVE-2016-2210 – Symantec AntiVirus - 'dec2lha Library' Remote Stack Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2016-2210
29 Jun 2016 — Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for Sh... • https://packetstorm.news/files/id/137707 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 10%CPEs: 44EXPL: 1CVE-2016-2211 – Symantec Antivirus MSPACK Unpacking Memory Corruption
https://notcve.org/view.php?id=CVE-2016-2211
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137708 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 21%CPEs: 37EXPL: 2CVE-2016-3644 – Symantec AntiVirus - Heap Overflow Modifying MIME Messages
https://notcve.org/view.php?id=CVE-2016-3644
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137709 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 53%CPEs: 37EXPL: 2CVE-2016-3645 – Symantec AntiVirus - TNEF Decoder Integer Overflow
https://notcve.org/view.php?id=CVE-2016-3645
29 Jun 2016 — Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection... • https://packetstorm.news/files/id/137710 • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 23%CPEs: 37EXPL: 2CVE-2016-3646 – Symantec AntiVirus - Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
https://notcve.org/view.php?id=CVE-2016-3646
29 Jun 2016 — The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 thro... • https://packetstorm.news/files/id/137711 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 27%CPEs: 31EXPL: 0CVE-2010-0107
https://notcve.org/view.php?id=CVE-2010-0107
23 Feb 2010 — Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site." Desbordamiento de búfer en el control ActiveX (SYMLTCOM.dll) ... • http://osvdb.org/62412 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •