Filtered by vendor Symantec
Subscribe
Total
571 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0106 | 1 Symantec | 1 Enterprise Firewall | 2024-02-04 | 7.5 HIGH | N/A |
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. | |||||
CVE-2000-1007 | 1 Symantec | 1 I-gear | 2024-02-04 | 5.0 MEDIUM | N/A |
I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors. | |||||
CVE-2003-0470 | 1 Symantec | 1 Security Check | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | |||||
CVE-2004-2147 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 5.0 MEDIUM | N/A |
Unknown versions of Symantec Norton AntiVirus and Microsoft Outlook allow attackers to cause a denial of service (crash) via malformed e-mail messages (1) without a body or (2) without a carriage return ("\n") separating the headers from the body. | |||||
CVE-2000-0478 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 5.0 MEDIUM | N/A |
In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server. | |||||
CVE-2003-1310 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 4.6 MEDIUM | N/A |
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | |||||
CVE-2002-0345 | 1 Symantec | 1 Norton Ghost | 2024-02-04 | 7.5 HIGH | N/A |
Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges. | |||||
CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2024-02-04 | 5.0 MEDIUM | N/A |
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
CVE-2004-1910 | 1 Symantec | 1 Security Check Virus Detection | 2024-02-04 | 5.0 MEDIUM | N/A |
rufsi.dll in Symantec Virus Detection allows remote attackers to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, although a crash is acknowledged. | |||||
CVE-2004-0217 | 2 Redhat, Symantec | 2 Linux, Antivirus Scan Engine | 2024-02-04 | 3.7 LOW | 7.0 HIGH |
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. | |||||
CVE-1999-0842 | 1 Symantec | 1 Mail-gear | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2004-0683 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories. | |||||
CVE-2003-1149 | 1 Symantec | 1 Norton Internet Security | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. | |||||
CVE-2004-1474 | 1 Symantec | 12 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 9 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. | |||||
CVE-2004-0363 | 1 Symantec | 1 Norton Antispam | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method. | |||||
CVE-2002-1937 | 1 Symantec | 3 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r | 2024-02-04 | 5.0 MEDIUM | N/A |
Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside the firewall's configuration, which allows remote attackers to spoof the administrator's MAC address and perform an ARP poisoning man-in-the-middle attack to obtain the administrator's password. | |||||
CVE-2002-0990 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. | |||||
CVE-2000-0238 | 1 Symantec | 1 Norton Antivirus | 2024-02-04 | 5.0 MEDIUM | N/A |
Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. | |||||
CVE-1999-1380 | 1 Symantec | 1 Norton Utilities | 2024-02-04 | 5.1 MEDIUM | N/A |
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. | |||||
CVE-2002-2294 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). |