CVSS: 9.3EPSS: 2%CPEs: 168EXPL: 0CVE-2007-3699 – Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
https://notcve.org/view.php?id=CVE-2007-3699
12 Jul 2007 — The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. El componente Decomposer en múltiples productos Symantec permite a atacantes remotos provocar denegación de servicio (bucles infinitos) a través de ciertos valores en el campo PACK_SIZE de una cabecera de archivo RAR. This vulnerability allows attackers to create a denial of service condition on software with vuln... • http://osvdb.org/36119 •
CVSS: 9.8EPSS: 10%CPEs: 168EXPL: 0CVE-2007-0447 – Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0447
12 Jul 2007 — Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. Desbordamiento de búfer basado en pila en el componente Decomposer en múltiples producto Symantec que permiten a atacantes remotos ejecutar código de su elección a través de archivos .CAB manipulados. This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. U... • http://osvdb.org/36118 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 2CVE-2007-1793 – Symantec (Multiple Products) - 'SPBBCDrv' Driver Local Denial of Service
https://notcve.org/view.php?id=CVE-2007-1793
02 Apr 2007 — SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected. El archivo SPBBCDrv.sys en Symantec... • https://www.exploit-db.com/exploits/29810 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 10%CPEs: 49EXPL: 0CVE-2005-0249
https://notcve.org/view.php?id=CVE-2005-0249
08 Feb 2005 — Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. • http://securitytracker.com/id?1013133 •
CVSS: 10.0EPSS: 58%CPEs: 23EXPL: 0CVE-2004-0444
https://notcve.org/view.php?id=CVE-2004-0444
20 May 2004 — Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a hea... • http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html •
CVSS: 7.5EPSS: 35%CPEs: 23EXPL: 1CVE-2004-0445 – Symantec Multiple Firewall - DNS Response Denial of Service
https://notcve.org/view.php?id=CVE-2004-0445
20 May 2004 — The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself. El controlador SYMDNS.SYS de Symantec Norton Internet Security y Professional 2002 a 2004, Norton Personal Firewall 2002... • https://www.exploit-db.com/exploits/299 •
CVSS: 9.8EPSS: 72%CPEs: 1EXPL: 1CVE-2004-0363 – Norton AntiSpam 2004 - SymSpamHelper ActiveX Control Buffer Overflow
https://notcve.org/view.php?id=CVE-2004-0363
23 Mar 2004 — Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method. Desbordamiento de búfer basado en la pila en el componente ActiveX SymSpamHelper (symspam.dll) en Norton AntiSpam 2004, usado en Norton Internet Security 2004, permite a atacantes remotos ejecutar código arbitrario mediante un parámetro largo en el método... • https://www.exploit-db.com/exploits/16595 •