// For flags

CVE-2016-5309

Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted RAR file that is mishandled during decompression.

El componente del analizador de archivos RAR en el AntiVirus Decomposer engine en Symantec Advanced Threat Protection: Network (ATP) : Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Servidor; Symantec Endpoint Protection (SEP) para Windows en versiones anteriores a 12.1.6 MP5; Symantec Endpoint Protection (SEP) para Mac; Symantec Endpoint Protection (SEP) en versiones anteriores a Linux en versiones anteriores a 12.1.6 MP6; Symantec Endpoint Protection para SMALL Business Entreprise (SEP SBE / SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) para Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI en versiones anteriores a 10.0.4 HF02; Symantec Protection Engine (SPE) en versiones anteriores a 7.0.5 HF02, 7.5.x en versiones anteriores a 7.5.4 HF02, 7.5.5 en versiones anteriores a 7.5.5 HF01 y 7.8.x en versiones anteriores a 7.8.0 HF03; Symantec Mail Security para Domino (SMSDOM) en versiones anteriores a 8.0.9 HF2.1, 8.1.x en versiones anteriores a 8.1.2 HF2.3 y 8.1.3 en versiones anteriores a 8.1.3 HF2.2; Symantec Mail Security para Microsoft Exchange (SMSMSE) en versiones anteriores a 6.5.8_3968140 HF2.3, 7.x en versiones anteriores a 7.0_3966002 HF2.1 y 7.5.x en versiones anteriores a 7.5_3966008 VHF2.2; Servidores de Symantec Protection para SharePoint (SPSS) antes de la actualización SPSS_6.0.3_To_6.0.5_HF_2.5, 6.0.6 en versiones anteriores a 6.0.6 HF_2.6 y 6.0.7 en versiones anteriores a 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) en versiones anteriores a 10.6.2; Symantec Messaging Gateway para proveedores de servicios (SMG-SP) en versiones anteriores a 10.5 parche 260 y en versiones anteriores a10.6 parche 259; Symantec Web Gateway; y Symantec Web Security.Cloud permite a los atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo RAR manipulado que se maneja incorrectamente durante la descompresión.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-06-06 CVE Reserved
  • 2017-04-14 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-08-21 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Broadcom
Search vendor "Broadcom"
Symantec Data Center Security Server
Search vendor "Broadcom" for product "Symantec Data Center Security Server"
--
Affected
Symantec
Search vendor "Symantec"
Advanced Threat Protection
Search vendor "Symantec" for product "Advanced Threat Protection"
--
Affected
Symantec
Search vendor "Symantec"
Csapi
Search vendor "Symantec" for product "Csapi"
<= 10.0.4
Search vendor "Symantec" for product "Csapi" and version " <= 10.0.4"
-
Affected
Symantec
Search vendor "Symantec"
Email Security.cloud
Search vendor "Symantec" for product "Email Security.cloud"
--
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection
Search vendor "Symantec" for product "Endpoint Protection"
<= 12.1.4
Search vendor "Symantec" for product "Endpoint Protection" and version " <= 12.1.4"
mac
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection
Search vendor "Symantec" for product "Endpoint Protection"
<= 12.1.6
Search vendor "Symantec" for product "Endpoint Protection" and version " <= 12.1.6"
linux
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection
Search vendor "Symantec" for product "Endpoint Protection"
<= 12.1.6
Search vendor "Symantec" for product "Endpoint Protection" and version " <= 12.1.6"
windows
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection Cloud
Search vendor "Symantec" for product "Endpoint Protection Cloud"
-mac
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection Cloud
Search vendor "Symantec" for product "Endpoint Protection Cloud"
-windows
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection For Small Business
Search vendor "Symantec" for product "Endpoint Protection For Small Business"
<= 12.1
Search vendor "Symantec" for product "Endpoint Protection For Small Business" and version " <= 12.1"
-
Affected
Symantec
Search vendor "Symantec"
Endpoint Protection For Small Business
Search vendor "Symantec" for product "Endpoint Protection For Small Business"
-enterprise
Affected
Symantec
Search vendor "Symantec"
Mail Security For Domino
Search vendor "Symantec" for product "Mail Security For Domino"
<= 8.0.9
Search vendor "Symantec" for product "Mail Security For Domino" and version " <= 8.0.9"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Domino
Search vendor "Symantec" for product "Mail Security For Domino"
8.1.2
Search vendor "Symantec" for product "Mail Security For Domino" and version "8.1.2"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Domino
Search vendor "Symantec" for product "Mail Security For Domino"
8.1.3
Search vendor "Symantec" for product "Mail Security For Domino" and version "8.1.3"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
<= 6.5.8
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version " <= 6.5.8"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.0
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.0"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.0.1
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.0.1"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.0.2
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.0.2"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.0.3
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.0.3"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.0.4
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.0.4"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.5
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.5"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.5.1
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.5.1"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.5.2
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.5.2"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.5.3
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.5.3"
-
Affected
Symantec
Search vendor "Symantec"
Mail Security For Microsoft Exchange
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange"
7.5.4
Search vendor "Symantec" for product "Mail Security For Microsoft Exchange" and version "7.5.4"
-
Affected
Symantec
Search vendor "Symantec"
Messaging Gateway
Search vendor "Symantec" for product "Messaging Gateway"
<= 10.6.1
Search vendor "Symantec" for product "Messaging Gateway" and version " <= 10.6.1"
-
Affected
Symantec
Search vendor "Symantec"
Messaging Gateway For Service Providers
Search vendor "Symantec" for product "Messaging Gateway For Service Providers"
10.5
Search vendor "Symantec" for product "Messaging Gateway For Service Providers" and version "10.5"
-
Affected
Symantec
Search vendor "Symantec"
Messaging Gateway For Service Providers
Search vendor "Symantec" for product "Messaging Gateway For Service Providers"
10.6
Search vendor "Symantec" for product "Messaging Gateway For Service Providers" and version "10.6"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
<= 7.0.5
Search vendor "Symantec" for product "Protection Engine" and version " <= 7.0.5"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.0
Search vendor "Symantec" for product "Protection Engine" and version "7.5.0"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.1
Search vendor "Symantec" for product "Protection Engine" and version "7.5.1"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.2
Search vendor "Symantec" for product "Protection Engine" and version "7.5.2"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.3
Search vendor "Symantec" for product "Protection Engine" and version "7.5.3"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.4
Search vendor "Symantec" for product "Protection Engine" and version "7.5.4"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.5.5
Search vendor "Symantec" for product "Protection Engine" and version "7.5.5"
-
Affected
Symantec
Search vendor "Symantec"
Protection Engine
Search vendor "Symantec" for product "Protection Engine"
7.8.0
Search vendor "Symantec" for product "Protection Engine" and version "7.8.0"
-
Affected
Symantec
Search vendor "Symantec"
Protection For Sharepoint Servers
Search vendor "Symantec" for product "Protection For Sharepoint Servers"
6.0.3
Search vendor "Symantec" for product "Protection For Sharepoint Servers" and version "6.0.3"
-
Affected
Symantec
Search vendor "Symantec"
Protection For Sharepoint Servers
Search vendor "Symantec" for product "Protection For Sharepoint Servers"
6.0.4
Search vendor "Symantec" for product "Protection For Sharepoint Servers" and version "6.0.4"
-
Affected
Symantec
Search vendor "Symantec"
Protection For Sharepoint Servers
Search vendor "Symantec" for product "Protection For Sharepoint Servers"
6.0.5
Search vendor "Symantec" for product "Protection For Sharepoint Servers" and version "6.0.5"
-
Affected
Symantec
Search vendor "Symantec"
Protection For Sharepoint Servers
Search vendor "Symantec" for product "Protection For Sharepoint Servers"
6.0.6
Search vendor "Symantec" for product "Protection For Sharepoint Servers" and version "6.0.6"
-
Affected
Symantec
Search vendor "Symantec"
Protection For Sharepoint Servers
Search vendor "Symantec" for product "Protection For Sharepoint Servers"
6.0.7
Search vendor "Symantec" for product "Protection For Sharepoint Servers" and version "6.0.7"
-
Affected
Symantec
Search vendor "Symantec"
Web Gateway
Search vendor "Symantec" for product "Web Gateway"
--
Affected
Symantec
Search vendor "Symantec"
Web Security.cloud
Search vendor "Symantec" for product "Web Security.cloud"
--
Affected