Vulnerabilites related to symantec - norton_personal_firewall
cve-2006-4266
Vulnerability from cvelistv5
Published
2006-08-21 21:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/1428 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/19585 | vdb-entry, x_refsource_BID | |
| http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/443632/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:06.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1428",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1428"
},
{
"name": "19585",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19585"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php"
},
{
"name": "20060818 Norton DLL faking via \u0027SuiteOwners\u0027 protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/443632/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\\SOFTWARE\\Symantec\\CCPD\\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product\u0027s functionality is intended to protect against privileged actions such as this."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1428",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1428"
},
{
"name": "19585",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19585"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php"
},
{
"name": "20060818 Norton DLL faking via \u0027SuiteOwners\u0027 protection bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/443632/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\\SOFTWARE\\Symantec\\CCPD\\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product\u0027s functionality is intended to protect against privileged actions such as this."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1428",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1428"
},
{
"name": "19585",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19585"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php"
},
{
"name": "20060818 Norton DLL faking via \u0027SuiteOwners\u0027 protection bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/443632/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4266",
"datePublished": "2006-08-21T21:00:00",
"dateReserved": "2006-08-21T00:00:00",
"dateUpdated": "2024-08-07T19:06:06.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1689
Vulnerability from cvelistv5
Published
2007-05-16 20:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/1843 | vdb-entry, x_refsource_VUPEN | |
| http://www.symantec.com/avcenter/security/Content/2007.05.16.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/23936 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/36164 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1018073 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/25290 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kb.cert.org/vuls/id/983953 | third-party-advisory, x_refsource_CERT-VN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34328 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/468779/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1843",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1843"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html"
},
{
"name": "23936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23936"
},
{
"name": "36164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36164"
},
{
"name": "1018073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018073"
},
{
"name": "25290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25290"
},
{
"name": "VU#983953",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/983953"
},
{
"name": "symantec-islalert-bo(34328)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328"
},
{
"name": "20070516 Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "ADV-2007-1843",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1843"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html"
},
{
"name": "23936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23936"
},
{
"name": "36164",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36164"
},
{
"name": "1018073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018073"
},
{
"name": "25290",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25290"
},
{
"name": "VU#983953",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/983953"
},
{
"name": "symantec-islalert-bo(34328)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328"
},
{
"name": "20070516 Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2007-1689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1843",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1843"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html"
},
{
"name": "23936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23936"
},
{
"name": "36164",
"refsource": "OSVDB",
"url": "http://osvdb.org/36164"
},
{
"name": "1018073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018073"
},
{
"name": "25290",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25290"
},
{
"name": "VU#983953",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/983953"
},
{
"name": "symantec-islalert-bo(34328)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328"
},
{
"name": "20070516 Symantec Product Security: Norton Personal Firewall 2004 ActiveX Control vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2007-1689",
"datePublished": "2007-05-16T20:00:00",
"dateReserved": "2007-03-26T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0445
Vulnerability from cvelistv5
Published
2004-05-20 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1010146 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1010145 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ciac.org/ciac/bulletins/o-141.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://www.kb.cert.org/vuls/id/682110 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.osvdb.org/6100 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16132 | vdb-entry, x_refsource_XF | |
| http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html | x_refsource_CONFIRM | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html | mailing-list, x_refsource_FULLDISC | |
| http://securitytracker.com/id?1010144 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/11066 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/10336 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1010146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "O-141",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "VU#682110",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/682110"
},
{
"name": "6100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6100"
},
{
"name": "symantec-firewall-dns-dos(16132)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"name": "1010144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "11066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11066"
},
{
"name": "10336",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10336"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1010146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "O-141",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "VU#682110",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/682110"
},
{
"name": "6100",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6100"
},
{
"name": "symantec-firewall-dns-dos(16132)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"name": "1010144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "11066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11066"
},
{
"name": "10336",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10336"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1010146",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "O-141",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "VU#682110",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/682110"
},
{
"name": "6100",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6100"
},
{
"name": "symantec-firewall-dns-dos(16132)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"name": "1010144",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "11066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11066"
},
{
"name": "10336",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10336"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0445",
"datePublished": "2004-05-20T04:00:00",
"dateReserved": "2004-05-04T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3673
Vulnerability from cvelistv5
Published
2007-07-15 21:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/26042 | third-party-advisory, x_refsource_SECUNIA | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35347 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/22351 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/2507 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36117 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1018372 | vdb-entry, x_refsource_SECTRACK | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554 | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:28:51.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26042"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"name": "symantec-multi-symtdi-privilege-escalation(35347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"name": "22351",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"name": "ADV-2007-2507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"name": "36117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36117"
},
{
"name": "1018372",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018372"
},
{
"name": "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26042",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26042"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"name": "symantec-multi-symtdi-privilege-escalation(35347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"name": "22351",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"name": "ADV-2007-2507",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"name": "36117",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36117"
},
{
"name": "1018372",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018372"
},
{
"name": "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26042",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26042"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"name": "symantec-multi-symtdi-privilege-escalation(35347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"name": "22351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22351"
},
{
"name": "ADV-2007-2507",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"name": "36117",
"refsource": "OSVDB",
"url": "http://osvdb.org/36117"
},
{
"name": "1018372",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018372"
},
{
"name": "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3673",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2007-07-10T00:00:00",
"dateUpdated": "2024-08-07T14:28:51.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0444
Vulnerability from cvelistv5
Published
2004-05-20 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.967Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "6099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6099"
},
{
"name": "VU#634414",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/634414"
},
{
"name": "1010146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "VU#637318",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/637318"
},
{
"name": "10335",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10335"
},
{
"name": "O-141",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"
},
{
"name": "VU#294998",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/294998"
},
{
"name": "10333",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10333"
},
{
"name": "symantec-nbns-response-bo(16134)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"
},
{
"name": "6101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6101"
},
{
"name": "6102",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6102"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "symantec-dns-response-bo(16137)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"
},
{
"name": "1010144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"
},
{
"name": "10334",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10334"
},
{
"name": "11066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11066"
},
{
"name": "symantec-firewalls-nbns-bo(16135)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "6099",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6099"
},
{
"name": "VU#634414",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/634414"
},
{
"name": "1010146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "VU#637318",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/637318"
},
{
"name": "10335",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10335"
},
{
"name": "O-141",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"
},
{
"name": "VU#294998",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/294998"
},
{
"name": "10333",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10333"
},
{
"name": "symantec-nbns-response-bo(16134)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"
},
{
"name": "6101",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6101"
},
{
"name": "6102",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6102"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "symantec-dns-response-bo(16137)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"
},
{
"name": "1010144",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"
},
{
"name": "10334",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10334"
},
{
"name": "11066",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11066"
},
{
"name": "symantec-firewalls-nbns-bo(16135)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "6099",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6099"
},
{
"name": "VU#634414",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/634414"
},
{
"name": "1010146",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010146"
},
{
"name": "1010145",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010145"
},
{
"name": "VU#637318",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/637318"
},
{
"name": "10335",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10335"
},
{
"name": "O-141",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"
},
{
"name": "VU#294998",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/294998"
},
{
"name": "10333",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10333"
},
{
"name": "symantec-nbns-response-bo(16134)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"
},
{
"name": "6101",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6101"
},
{
"name": "6102",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6102"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"name": "symantec-dns-response-bo(16137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"
},
{
"name": "1010144",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010144"
},
{
"name": "20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"
},
{
"name": "10334",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10334"
},
{
"name": "11066",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11066"
},
{
"name": "symantec-firewalls-nbns-bo(16135)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0444",
"datePublished": "2004-05-20T04:00:00",
"dateReserved": "2004-05-04T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.967Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1779
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-09-17 03:22
Severity ?
EPSS score ?
Summary
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/4545 | vdb-entry, x_refsource_BID | |
| http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html | x_refsource_CONFIRM | |
| http://online.securityfocus.com/archive/1/267850 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4545",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4545"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/267850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The \"block fragmented IP Packets\" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-21T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4545",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4545"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/267850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \"block fragmented IP Packets\" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4545",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4545"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/267850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1779",
"datePublished": "2005-06-21T04:00:00Z",
"dateReserved": "2005-06-21T00:00:00Z",
"dateUpdated": "2024-09-17T03:22:56.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-1778
Vulnerability from cvelistv5
Published
2005-06-21 04:00
Modified
2024-08-08 03:34
Severity ?
EPSS score ?
Summary
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/8859 | vdb-entry, x_refsource_XF | |
| http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html | x_refsource_CONFIRM | |
| http://online.securityfocus.com/archive/1/267850 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/4521 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:56.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "norton-bypass-portscan-protection(8859)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8859"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"name": "4521",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4521"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "norton-bypass-portscan-protection(8859)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8859"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"name": "4521",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4521"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1778",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "norton-bypass-portscan-protection(8859)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8859"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"name": "20020416 Norton Personal Firewall 2002 vulnerable to SYN/FIN scan",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"name": "4521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4521"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1778",
"datePublished": "2005-06-21T04:00:00",
"dateReserved": "2005-06-21T00:00:00",
"dateUpdated": "2024-08-08T03:34:56.368Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-1836
Vulnerability from cvelistv5
Published
2006-04-19 16:00
Modified
2024-08-07 17:27
Severity ?
EPSS score ?
Summary
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/100 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/17571 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2006/1386 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/431318/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securitytracker.com/id?1015953 | vdb-entry, x_refsource_SECTRACK | |
| http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html | x_refsource_CONFIRM | |
| http://secunia.com/advisories/19682 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25839 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:27:29.470Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "100",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/100"
},
{
"name": "17571",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/17571"
},
{
"name": "ADV-2006-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1386"
},
{
"name": "20060418 [Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/431318/100/0/threaded"
},
{
"name": "1015953",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015953"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html"
},
{
"name": "19682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19682"
},
{
"name": "liveupdate-exepath-env-privilege-escalation(25839)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25839"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "100",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/100"
},
{
"name": "17571",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/17571"
},
{
"name": "ADV-2006-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1386"
},
{
"name": "20060418 [Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/431318/100/0/threaded"
},
{
"name": "1015953",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015953"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html"
},
{
"name": "19682",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19682"
},
{
"name": "liveupdate-exepath-env-privilege-escalation(25839)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25839"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "100",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/100"
},
{
"name": "17571",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/17571"
},
{
"name": "ADV-2006-1386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1386"
},
{
"name": "20060418 [Symantec Security Advisory] LiveUpdate for Macintosh Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/431318/100/0/threaded"
},
{
"name": "1015953",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015953"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html"
},
{
"name": "19682",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19682"
},
{
"name": "liveupdate-exepath-env-privilege-escalation(25839)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25839"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1836",
"datePublished": "2006-04-19T16:00:00",
"dateReserved": "2006-04-19T00:00:00",
"dateUpdated": "2024-08-07T17:27:29.470Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1793
Vulnerability from cvelistv5
Published
2007-04-02 22:00
Modified
2024-08-07 13:06
Severity ?
EPSS score ?
Summary
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021389"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021389"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"refsource": "OSVDB",
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1793",
"datePublished": "2007-04-02T22:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4855
Vulnerability from cvelistv5
Published
2006-09-19 18:00
Modified
2024-08-07 19:23
Severity ?
EPSS score ?
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016892",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016896"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20051"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4855",
"datePublished": "2006-09-19T18:00:00",
"dateReserved": "2006-09-19T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1476
Vulnerability from cvelistv5
Published
2007-03-16 21:00
Modified
2024-08-07 12:59
Severity ?
EPSS score ?
Summary
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/avcenter/security/Content/2007.09.05.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/462926/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://marc.info/?l=full-disclosure&m=117396596027148&w=2 | mailing-list, x_refsource_FULLDISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33003 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/22977 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/35088 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/2438 | third-party-advisory, x_refsource_SREASON | |
| http://securitytracker.com/id?1018656 | vdb-entry, x_refsource_SECTRACK | |
| http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117396596027148\u0026w=2"
},
{
"name": "symantec-firewall-symtdi-dos(33003)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003"
},
{
"name": "22977",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22977"
},
{
"name": "35088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35088"
},
{
"name": "2438",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2438"
},
{
"name": "1018656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver\u0027s \\Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=117396596027148\u0026w=2"
},
{
"name": "symantec-firewall-symtdi-dos(33003)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003"
},
{
"name": "22977",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22977"
},
{
"name": "35088",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35088"
},
{
"name": "2438",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2438"
},
{
"name": "1018656",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver\u0027s \\Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver input buffer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded"
},
{
"name": "20070315 Norton Insufficient validation of \u0027SymTDI\u0027 driver",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=117396596027148\u0026w=2"
},
{
"name": "symantec-firewall-symtdi-dos(33003)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003"
},
{
"name": "22977",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22977"
},
{
"name": "35088",
"refsource": "OSVDB",
"url": "http://osvdb.org/35088"
},
{
"name": "2438",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2438"
},
{
"name": "1018656",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018656"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1476",
"datePublished": "2007-03-16T21:00:00",
"dateReserved": "2007-03-16T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-2336
Vulnerability from cvelistv5
Published
2007-10-29 19:00
Modified
2024-09-17 00:06
Severity ?
EPSS score ?
Summary
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html | mailing-list, x_refsource_BUGTRAQ | |
| http://online.securityfocus.com/archive/1/294411 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/5917 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/10314.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021008 Re: Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10314.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-10-29T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021008 Re: Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10314.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021008 Re: Multiple Vendor PC firewall remote denial of services Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"name": "20021008 Multiple Vendor PC firewall remote denial of services Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"name": "5917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5917"
},
{
"name": "firewall-autoblock-spoofing-dos(10314)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10314.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2336",
"datePublished": "2007-10-29T19:00:00Z",
"dateReserved": "2007-10-29T00:00:00Z",
"dateUpdated": "2024-09-17T00:06:36.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3699
Vulnerability from cvelistv5
Published
2007-10-05 21:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/26053 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/2508 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36119 | vdb-entry, x_refsource_OSVDB | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-039.html | x_refsource_MISC | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24282 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:28:52.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36119"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36119"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3699",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36119",
"refsource": "OSVDB",
"url": "http://osvdb.org/36119"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3699",
"datePublished": "2007-10-05T21:00:00",
"dateReserved": "2007-07-11T00:00:00",
"dateUpdated": "2024-08-07T14:28:52.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3725
Vulnerability from cvelistv5
Published
2006-07-19 21:00
Modified
2024-08-07 18:39
Severity ?
EPSS score ?
Summary
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/1241 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27764 | vdb-entry, x_refsource_XF | |
| http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php | x_refsource_MISC | |
| http://www.securityfocus.com/bid/18995 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/440110/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:53.989Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1241",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1241"
},
{
"name": "symantec-firewall-registry-dos(27764)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27764"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php"
},
{
"name": "18995",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18995"
},
{
"name": "20060715 Norton Insufficient protection of Norton service registry keys",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440110/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SNDSrvc and (2) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SymEvent registry keys."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1241",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1241"
},
{
"name": "symantec-firewall-registry-dos(27764)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27764"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php"
},
{
"name": "18995",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18995"
},
{
"name": "20060715 Norton Insufficient protection of Norton service registry keys",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440110/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3725",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SNDSrvc and (2) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SymEvent registry keys."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1241",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1241"
},
{
"name": "symantec-firewall-registry-dos(27764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27764"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php"
},
{
"name": "18995",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18995"
},
{
"name": "20060715 Norton Insufficient protection of Norton service registry keys",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440110/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3725",
"datePublished": "2006-07-19T21:00:00",
"dateReserved": "2006-07-19T00:00:00",
"dateUpdated": "2024-08-07T18:39:53.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0375
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:17
Severity ?
EPSS score ?
Summary
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1009379 | vdb-entry, x_refsource_SECTRACK | |
| http://www.symantec.com/avcenter/security/Content/2004.04.20.html | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1009380 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15433 | vdb-entry, x_refsource_XF | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15936 | vdb-entry, x_refsource_XF | |
| http://www.eeye.com/html/Research/Upcoming/20040309.html | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=108275582432246&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/9912 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:17:14.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1009379",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009379"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html"
},
{
"name": "1009380",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009380"
},
{
"name": "norton-firewalls-dos(15433)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"
},
{
"name": "symantec-firewall-tcp-dos(15936)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.eeye.com/html/Research/Upcoming/20040309.html"
},
{
"name": "20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108275582432246\u0026w=2"
},
{
"name": "9912",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9912"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1009379",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009379"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html"
},
{
"name": "1009380",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009380"
},
{
"name": "norton-firewalls-dos(15433)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"
},
{
"name": "symantec-firewall-tcp-dos(15936)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.eeye.com/html/Research/Upcoming/20040309.html"
},
{
"name": "20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108275582432246\u0026w=2"
},
{
"name": "9912",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9912"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1009379",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009379"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html"
},
{
"name": "1009380",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009380"
},
{
"name": "norton-firewalls-dos(15433)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"
},
{
"name": "symantec-firewall-tcp-dos(15936)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"
},
{
"name": "http://www.eeye.com/html/Research/Upcoming/20040309.html",
"refsource": "MISC",
"url": "http://www.eeye.com/html/Research/Upcoming/20040309.html"
},
{
"name": "20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108275582432246\u0026w=2"
},
{
"name": "9912",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9912"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0375",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-29T00:00:00",
"dateUpdated": "2024-08-08T00:17:14.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0663
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/4366 | vdb-entry, x_refsource_OSVDB | |
| http://www.atstake.com/research/advisories/2002/a071502-1.txt | vendor-advisory, x_refsource_ATSTAKE | |
| http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/5237 | vdb-entry, x_refsource_BID | |
| http://www.iss.net/security_center/static/9579.php | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4366",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4366"
},
{
"name": "A071502-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE",
"x_transferred"
],
"url": "http://www.atstake.com/research/advisories/2002/a071502-1.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html"
},
{
"name": "5237",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5237"
},
{
"name": "norton-fw-http-bo(9579)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9579.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-07-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4366",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4366"
},
{
"name": "A071502-1",
"tags": [
"vendor-advisory",
"x_refsource_ATSTAKE"
],
"url": "http://www.atstake.com/research/advisories/2002/a071502-1.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html"
},
{
"name": "5237",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5237"
},
{
"name": "norton-fw-http-bo(9579)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9579.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4366",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4366"
},
{
"name": "A071502-1",
"refsource": "ATSTAKE",
"url": "http://www.atstake.com/research/advisories/2002/a071502-1.txt"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html"
},
{
"name": "5237",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5237"
},
{
"name": "norton-fw-http-bo(9579)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9579.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0663",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-07-02T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0447
Vulnerability from cvelistv5
Published
2007-10-05 21:00
Modified
2024-08-07 12:19
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/26053 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/2508 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36118 | vdb-entry, x_refsource_OSVDB | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-040.html | x_refsource_MISC | |
| http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24282 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36118"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36118"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0447",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26053"
},
{
"name": "ADV-2007-2508",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"name": "36118",
"refsource": "OSVDB",
"url": "http://osvdb.org/36118"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"name": "24282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0447",
"datePublished": "2007-10-05T21:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1495
Vulnerability from cvelistv5
Published
2007-03-16 22:00
Modified
2024-08-07 12:59
Severity ?
EPSS score ?
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/22961 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/2445 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/archive/1/462792/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.531Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22961",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22961"
},
{
"name": "2445",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2445"
},
{
"name": "20070314 SymEvent Driver Local Access System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/462792/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22961",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22961"
},
{
"name": "2445",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2445"
},
{
"name": "20070314 SymEvent Driver Local Access System Denial of Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/462792/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1495",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22961",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22961"
},
{
"name": "2445",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2445"
},
{
"name": "20070314 SymEvent Driver Local Access System Denial of Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/462792/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1495",
"datePublished": "2007-03-16T22:00:00",
"dateReserved": "2007-03-16T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2004-07-07 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_firewall | 5.01 | |
| symantec | client_firewall | 5.1.1 | |
| symantec | client_security | 1.0 | |
| symantec | client_security | 1.1 | |
| symantec | client_security | 1.2 | |
| symantec | client_security | 1.3 | |
| symantec | client_security | 1.4 | |
| symantec | client_security | 1.5 | |
| symantec | client_security | 1.6 | |
| symantec | client_security | 1.7 | |
| symantec | client_security | 1.8 | |
| symantec | client_security | 1.9 | |
| symantec | client_security | 2.0 | |
| symantec | norton_antispam | 2004 | |
| symantec | norton_internet_security | 2002 | |
| symantec | norton_internet_security | 2002 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_personal_firewall | 2002 | |
| symantec | norton_personal_firewall | 2003 | |
| symantec | norton_personal_firewall | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEFBAEB-18D4-4082-9F19-C47113841C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA9657C-14D2-418A-AABD-96392E87F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "102D0C6A-31B8-4275-A805-4CA446D1C77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA18147D-E618-4902-8837-5824240DD50E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75D357CC-EAD0-42E3-B38C-BE2DC44D154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "201403B4-3B5C-4F77-ADAE-7A553D4D58F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D19926-AB65-4C06-8C44-7EA9B070FD1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0F27E94F-F6D6-4C40-878F-BF952658A909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA71038-2D4E-4366-A3D1-AD85251B3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CC689F12-84C6-4B52-970F-DAF6B00B4A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "F05FEBA2-33E8-4074-8B57-4FE6FFEF2F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*",
"matchCriteriaId": "A5FA0458-AB41-495E-B41F-C18B4E6876CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*",
"matchCriteriaId": "1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*",
"matchCriteriaId": "D7875372-44D7-47AB-8F8C-4A3AB98FB3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "898D5369-E2F3-450C-8554-1C692EAA9906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself."
},
{
"lang": "es",
"value": "El controlador SYMDNS.SYS de Symantec Norton Internet Security y Professional 2002 a 2004, Norton Personal Firewall 2002 a 2004, Norton AntiSpam 2004, Client Firewall 5.01 y 5.1.1, Client Securiy 1.0 a 2.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumici\u00f3n de CPU en un buble infinito) mediante una respuesta DNS con un puntero de nombre comprimido que apunta a s\u00ed mismo."
}
],
"id": "CVE-2004-0445",
"lastModified": "2024-11-20T23:48:36.143",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2004-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11066"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010144"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010145"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010146"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/682110"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6100"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10336"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/682110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16132"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-02 22:19
Modified
2024-11-21 00:29
Severity ?
Summary
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
},
{
"lang": "es",
"value": "El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la funci\u00f3n SSDT enlazada, lo que permite a los usuarios locales causar una denegaci\u00f3n de servicio (bloqueo) o posiblemente ejecutar c\u00f3digo arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: m\u00e1s tarde se inform\u00f3 que Norton Internet Security 2008 versi\u00f3n 15.0.0.60, y posiblemente otras versiones de 2006, tambi\u00e9n se ven afectados."
}
],
"id": "CVE-2007-1793",
"lastModified": "2024-11-21T00:29:10.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-02T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34692"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24677"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-07-26 04:00
Modified
2024-11-20 23:39
Severity ?
Summary
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_internet_security | 2001 | |
| symantec | norton_personal_firewall | 2001_3.0.4.91 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2001:*:*:*:*:*:*:*",
"matchCriteriaId": "2D2C8E23-852E-4715-9D8D-18F26B1263A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2001_3.0.4.91:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA12C64-055D-4A98-A2C1-84FC2928E028",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request."
}
],
"id": "CVE-2002-0663",
"lastModified": "2024-11-20T23:39:35.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-07-26T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.atstake.com/research/advisories/2002/a071502-1.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9579.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/4366"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/5237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.07.15.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.atstake.com/research/advisories/2002/a071502-1.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9579.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/4366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/5237"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-16 22:19
Modified
2024-11-21 00:28
Severity ?
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | 2006_9.1.1.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data, a reintroduction of CVE-2006-4855."
},
{
"lang": "es",
"value": "El controlador de dispositivo \\Device\\SymEvent del Symantec Norton Personal Firewall 2006 9.1.1.7 y,posiblemente otros productos que utilicen el symevent.sys 12.0.0.20, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de un dato no v\u00e1lido, como lo demostrado llamando al DeviceIoControl para enviar un dato, una reproducci\u00f3n de la CVE-2006-4855."
}
],
"id": "CVE-2007-1495",
"lastModified": "2024-11-21T00:28:27.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-16T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2445"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462792/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22961"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462792/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22961"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:43
Severity ?
Summary
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | 2002 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:4.0:*:*:*:*:*:*",
"matchCriteriaId": "70A94270-57B3-40FC-B9D5-2A19F59F6D32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets."
}
],
"id": "CVE-2002-2336",
"lastModified": "2024-11-20T23:43:26.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/10314.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-10/0156.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/294411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/10314.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5917"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-16"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_firewall | 5.01 | |
| symantec | client_firewall | 5.1.1 | |
| symantec | client_security | 1.0 | |
| symantec | client_security | 1.1 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_personal_firewall | 2003 | |
| symantec | norton_personal_firewall | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEFBAEB-18D4-4082-9F19-C47113841C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA9657C-14D2-418A-AABD-96392E87F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*",
"matchCriteriaId": "1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*",
"matchCriteriaId": "D7875372-44D7-47AB-8F8C-4A3AB98FB3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero."
},
{
"lang": "es",
"value": "SIMNDIS.SYS en Symantec Norton Internet Securiy 2003 y 2004, Norton Personal Firewall 2003 y 2004, Client Firewall 5.01 y 5.1.1, y Client Security 1.0 y 1.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) mediante un paquete TCP con (1) opci\u00f3n SACK o (2) opci\u00f3n Suma de Comprobaci\u00f3n de Datos Alternativa seguida por una longitud cero."
}
],
"id": "CVE-2004-0375",
"lastModified": "2024-11-20T23:48:26.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108275582432246\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1009379"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1009380"
},
{
"source": "cve@mitre.org",
"url": "http://www.eeye.com/html/Research/Upcoming/20040309.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9912"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108275582432246\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1009379"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1009380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.eeye.com/html/Research/Upcoming/20040309.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/avcenter/security/Content/2004.04.20.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-05 21:17
Modified
2024-11-21 00:25
Severity ?
Summary
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2AD14C-2BD2-4658-BDB0-232A9E26EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "1E739083-DFC2-4A89-9F84-E067E127D420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E65DC45B-8FA9-453E-8249-45535EA64D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DA3717-A218-459B-891C-F3F945D42A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F11687CE-E997-4D26-ACAE-B9175348ADDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*",
"matchCriteriaId": "2F90AD67-02CB-4006-B567-631FD633DB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "BC0F87D0-E4B5-41FC-8050-386B9CE04249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "FBBFF303-3DD6-4312-94CD-37E5170A93AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "59962A9A-10F4-4F1B-A5AB-8743C0874963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "346F8C27-F389-412C-B7C2-2CF3344E557C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51170553-03E8-4588-97A0-8DA57C37B5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C5A4C-9E39-4718-8BF1-283183B4A516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "301B1340-A402-4D3E-AAF8-17CD8B59517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:caching:*:*:*:*:*",
"matchCriteriaId": "52CE5595-323D-45A2-BD05-C6B2CBD6BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "3042D5B7-AE27-4664-87DB-679422029199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:messaging:*:*:*:*:*",
"matchCriteriaId": "671CBE65-1FCF-43B8-8D21-5C8CC7C17417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "28BD859A-F57B-444C-8083-AE99E59B9DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "6158E16F-468A-4B76-8199-500FCAC1E54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "992DB720-52A8-43D4-B74B-96C0F763ED0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "685F58DC-6BD3-499C-A9D5-BB9C909FE857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95436CD6-8E9C-4F89-9683-0650F6167027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC910CFD-9F20-473E-BC2D-64A7A3C14404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "849782E0-9F26-411F-82B9-88B5FC4F4C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD87DB3-45C2-4091-A83B-25E427563C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0910781-9EF9-4188-AA33-1C54F01A0832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7647813B-2B9F-4B0F-96D1-C533A49DDC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09AD23D0-4502-4090-9172-002B92D83C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*",
"matchCriteriaId": "97AF14CF-3BD6-4A03-B543-3150C656198E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*",
"matchCriteriaId": "8A1E2653-A061-48BD-AC62-643CDD78E859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*",
"matchCriteriaId": "11C1491F-01A1-47B1-87BB-6F7676448A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "9204DC08-0809-4762-B5CB-5485E67CA31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*",
"matchCriteriaId": "841CF36F-14A0-49A6-8442-681F25DC8DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "DA6CFDFD-1EB4-458A-AD39-320E619593D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "05B85F14-4248-4550-BE7F-D9BAB9DC90C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build456:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "419D2E24-CA90-471D-9F35-1795F6A65B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build463:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "965DA3C4-7559-4583-A5DC-BEABEAA7E87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build465:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EBEB8E8E-DB27-45FB-90CA-2CF3A515AC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build736:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8184E073-37B0-4654-8DF8-379EFC5FB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build741:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C29B7C1F-C4AB-4CAB-8177-B64F4B8A2B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build743:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "D1FBFE00-4692-48C2-A6C7-9179E185A275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "DBE74BFA-003E-40CC-83E1-1AC7159B0C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E21CDCBA-3C86-462B-8383-58C893978EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build459:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E6179A68-2322-4D79-9446-5A5E4B27AD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build461:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EE92421B-C0CA-4B28-9E26-EF0A115C9330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "DC8AD646-E257-4065-B358-8B4944D327E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F50BA510-67D5-4FF1-87D0-215B68D20EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"matchCriteriaId": "5CA62889-7A55-459F-BFD8-D38CD93F9219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*",
"matchCriteriaId": "766327B9-E8DA-4422-80C2-48E333161D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*",
"matchCriteriaId": "3C5FF883-831F-47CC-BD04-BBFD25BDE8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C6EAA83D-2073-4360-BD3C-59AF34EADE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "60D239DF-65AD-4492-AEE1-FCD36E99DD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*",
"matchCriteriaId": "7AD92ABA-2D03-46FD-85D5-33FC369015DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8E1C4824-3774-41EF-80E1-42A417830978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "A3D2C4B6-2F13-4487-989E-AC247D4D011A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "091D4557-21F6-412F-933A-9F0FD8152E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*",
"matchCriteriaId": "2CC0DE59-149C-42DD-9516-BDB79A9BC412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88FE6753-A619-4703-8120-F23EEC8C48EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "E72D8D65-340C-4505-AA80-F9E7870513EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "774AD674-895A-4242-9AC9-BAD6CB862785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "C9797D21-CD64-4B61-A4C1-AC4AD3F9B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "618F6F78-566A-4901-8B57-BB6DCAC7E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "EB7F329F-4390-4735-B2C2-BC6A72FBE36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A5D058F6-779B-4ED4-ADC7-A68491F72BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:mr4_build_1000:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "29E1AF72-6D48-4DAF-904A-B55366189251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4B5EE3B2-FF16-4231-B99D-81CB10239576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "7D26AB91-36AB-4BF6-9D0D-098F04C60AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "E5E0AB4E-4DD0-4D87-BBE5-B459A8B7301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4433613D-EB44-4D60-861F-F9FFA2ED4F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FF0903BD-3E78-4024-A773-16100F519B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "BF18D806-E781-4F17-9341-D48CBC06949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "1B390577-F1F1-4821-90FB-967E749F7CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88AA69B4-865C-4959-9681-62A7591D6CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "55EDC888-F593-49E8-95A4-87D8FE9CC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B7A47F4F-DC34-4B7D-9C3A-4631FFFC1142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B70ACBE6-C754-4A6F-AC2F-89657DA179E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "8C6C2421-5651-4B3F-9DBC-DC411C989BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5B967B9A-215D-470A-9722-5782D0AE0980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "F4BFDD98-F70E-41A9-9245-7EC5D140D4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "DFC9BF64-65E7-4E0E-A637-13794A02CEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "6B188333-A087-4FC7-864B-F802932455F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A33A8A08-F356-4616-A603-00ADCC062D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B5889206-CE1C-489B-8984-EE4055BBC6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "62EA1AE0-6A8B-4C13-B95D-7F9694AD5535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:mr4_mp1_build4010:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B31249CA-296D-42C2-8939-61B990559BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5C6B6D3A-715A-45B9-8231-77A6DE847973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "73A3CB7B-DD39-48E7-8D33-1E222933A7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "116F0C9D-9255-4B98-B1CF-C78A96240784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A8957B43-0673-439F-86F6-5791372BA498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "D2ACD718-6232-463A-ACEE-B06A02D3243A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "44073E2A-A8AB-4D1A-BCFC-8439E40E97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "3967227C-FCB1-486E-A6C4-43B8004C4A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "894F1929-1029-4B57-A66A-EA58F7D94D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "C532E93A-5D0D-454D-8B14-F5E9C6A0499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "F648A08A-24EF-45A5-B7FD-00CAD5892061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:premier:*:*:*:*:*",
"matchCriteriaId": "CBB1521D-B16D-4E28-8723-AF96E95D7596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "67EECA52-EECB-4AAA-85F9-ADBE028B8068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "CE8022C6-360B-4A3D-AD70-3DC79B339231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_\\+for_domino:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE8BC0-663C-4D1D-8FF5-13F682BBEE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60B08F85-A0E6-4984-83E9-41CD29751BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "690F3A5F-F990-41C9-9964-B033188C86F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43E4FAC8-2893-48FA-B159-49C8AA380338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "5D37768F-A43C-420E-85CA-A5EF3E30F47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE3F492-D08F-4558-BC19-F33BBB0D55A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CD5C31-4F4A-44F1-A3E1-2B4BB78E152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*",
"matchCriteriaId": "F39BAADB-6BF1-4871-ABEC-4BFA1321FE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*",
"matchCriteriaId": "451A414E-1A02-45D1-8DFC-61B3E17BF12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B05B8522-E203-49A0-8C5B-3DA7B06AF5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD064CE-3C39-4243-B59E-CC8E48ED50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9886B467-793C-4D07-9B1B-B80FA5266D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"matchCriteriaId": "676F5A96-B21B-49FF-86EA-F18F9C3931C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"matchCriteriaId": "18991132-C5B6-43AB-BDCB-196BB2957F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"matchCriteriaId": "42CE2596-83A9-4A80-A8C6-825EDEAAB8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA16BAF-6263-44EA-B3EB-187264913D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*",
"matchCriteriaId": "8E7C32F4-1225-4A4E-BD98-DFE026383482",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76147168-37FB-444C-BD40-EFC31A0A499A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "823BD557-6352-4EC2-AE78-2C0CE6F660D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el componente Decomposer en m\u00faltiples producto Symantec que permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de archivos .CAB manipulados."
}
],
"id": "CVE-2007-0447",
"lastModified": "2024-11-21T00:25:53.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-05T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36118"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-040.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-16 20:30
Modified
2024-11-21 00:28
Severity ?
Summary
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_internet_security | 2004 | |
| symantec | norton_personal_firewall | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el control ActiveX ISAlertDataCOM, en ISLALERT.DLL para Norton Personal Firewall 2004 e Internet Security 2004 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante argumentos largos para las funciones (1) Get y (2) Set."
}
],
"id": "CVE-2007-1689",
"lastModified": "2024-11-21T00:28:55.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-16T20:30:00.000",
"references": [
{
"source": "cret@cert.org",
"url": "http://osvdb.org/36164"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25290"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/983953"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/23936"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1018073"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html"
},
{
"source": "cret@cert.org",
"url": "http://www.vupen.com/english/advisories/2007/1843"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/983953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/468779/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2007.05.16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34328"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-21 21:04
Modified
2024-11-21 00:15
Severity ?
Summary
Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3559D0D7-09DD-454F-A96A-FD6D773AAA9F",
"versionEndIncluding": "2006_9.1.0.33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\\SOFTWARE\\Symantec\\CCPD\\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product\u0027s functionality is intended to protect against privileged actions such as this."
},
{
"lang": "es",
"value": "Symantec Norton Personal Firewall 2006 9.1.0.33, y posiblemente anteriores, no protege adecuadamente las claves de registro de Norton, lo cual permite a usuarios locales proporcionar librer\u00edas a modo de troyanos a Norton mediante el uso de RegSaveKey y RegRestoreKey para modificar HKLM\\SOFTWARE\\Symantec\\CCPD\\SuiteOwners, como ha sido demostrado usando NISProd.dll. NOTA: en la mayor\u00eda de los casos, este ataque no cruzar\u00eda los l\u00edmites de privilegios, porque la modificaci\u00f3n de la clave SuiteOwners requiere privilegios de administraci\u00f3n. No obstante, este problema es una vulnerabilidad porque la funcionalidad del producto pretende proteger contra acciones con privilegios como esta."
}
],
"id": "CVE-2006-4266",
"lastModified": "2024-11-21T00:15:31.817",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-21T21:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1428"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/443632/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/Norton-DLL-faking-via-SuiteOwners-protection-bypass.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/443632/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19585"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-15 21:30
Modified
2024-11-21 00:33
Severity ?
Summary
Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\symTDI\, which results in memory overwrite.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_security | 2.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.1 | |
| symantec | norton_antispam | 2005 | |
| symantec | norton_antivirus | 9.0 | |
| symantec | norton_antivirus | 9.0.0.338 | |
| symantec | norton_antivirus | 9.0.1 | |
| symantec | norton_antivirus | 9.0.1.1.1000 | |
| symantec | norton_antivirus | 9.0.1.1000 | |
| symantec | norton_antivirus | 9.0.2 | |
| symantec | norton_antivirus | 9.0.2.1000 | |
| symantec | norton_antivirus | 9.0.3.1000 | |
| symantec | norton_antivirus | 9.0.4 | |
| symantec | norton_antivirus | 9.0.5 | |
| symantec | norton_antivirus | 9.0.5.1100 | |
| symantec | norton_antivirus | 10.0 | |
| symantec | norton_antivirus | 10.1 | |
| symantec | norton_antivirus | 2005 | |
| symantec | norton_antivirus | 2006 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_personal_firewall | 2005 | |
| symantec | norton_personal_firewall | 2006 | |
| symantec | norton_system_works | 2005 | |
| symantec | norton_system_works | 2006 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
"matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite."
},
{
"lang": "es",
"value": "Symantec symtdi.sys versiones anteriores a 7.0.0, tal y como se distribuye en Symantec AntiVirus Corporate Edition 9 hata 10.1 y Client Security 2.0 hasta 3.1, Norton AntiSpam 2005, y Norton AntiVirus, Internet Security, Personal Firewall, y System Works 2005 y 2006; permite a usuarios locales obtener privilegios mediante un Interrupt Request Packet (Irp) manipulado en una petici\u00f3n IOCTL 0x83022323 a \\\\symTDI\\, que resulta en una sobre-escritura de memoria."
}
],
"id": "CVE-2007-3673",
"lastModified": "2024-11-21T00:33:47.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36117"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26042"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018372"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26042"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/22351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-16 21:19
Modified
2024-11-21 00:28
Severity ?
Summary
The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*",
"matchCriteriaId": "97AF14CF-3BD6-4A03-B543-3150C656198E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:*:*:*:*:*:*",
"matchCriteriaId": "5F68FB11-C830-4579-A29D-0E2A57CDE9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*",
"matchCriteriaId": "8A1E2653-A061-48BD-AC62-643CDD78E859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "251E7DE8-4485-438E-B62D-1BF508ECCCF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "742DB20E-AB26-4CF4-A383-BDCF3FBA448F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5E4BCD7-E441-417A-8C52-E1DE80AD67CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*",
"matchCriteriaId": "11C1491F-01A1-47B1-87BB-6F7676448A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6A0AFF82-E613-40E2-AAD5-37241294D981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "69E9F1EE-CB23-42DE-8787-7F477D16329F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "9204DC08-0809-4762-B5CB-5485E67CA31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7FF193-6B91-4ED7-AF00-1D201C98BAFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*",
"matchCriteriaId": "841CF36F-14A0-49A6-8442-681F25DC8DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2D813-C219-4FF3-9C3B-DBB855480492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A00A25-A52F-4E9D-AAD0-194171C772FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5324D40A-76EA-4CC4-A1B1-971069A4E161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:3.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "2D76AF2F-3DBA-4E78-B999-08F2302CFB4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
"matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "2860637E-6FA5-445A-86B5-E9F2D2D7DD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "018D1F3B-BAFC-461E-B833-9E0F98A6533D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4B9AED5E-2D66-4EB2-95CC-158D909AAE6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "19859DA5-66FB-4CFB-8FC4-0825E38C0381",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C86261D8-47C4-4476-925E-71E961A5242A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate:*:*:*:*:*",
"matchCriteriaId": "7544F4F3-D3A8-4814-9727-6077542FC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A5994802-8D88-4492-9CA3-D6263A78DC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "88090CD5-A324-4A41-A55E-9381FBC14B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
"matchCriteriaId": "78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
"matchCriteriaId": "F6E6EC72-9B83-4685-B48E-25E4211EC280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A7F0C0E9-9665-452E-A382-04656F2009AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DA2BB94A-9561-4B92-8BEF-1377E77D2A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "7EF25D8D-CE96-43B7-BA96-7AF61D0514D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E344EFB5-A340-4226-B79B-CB0DB824BA9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4AB33BC0-813C-4944-9835-A1F62614CC97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate:*:*:*:*:*",
"matchCriteriaId": "423C4F6C-4D87-4604-9122-02E2F06FAFB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate:*:*:*:*:*",
"matchCriteriaId": "60BBE26A-E648-440F-9F08-AA7DD62D6C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4EBBB8F-C17F-4E15-ADA6-1E8E572954BF",
"versionEndIncluding": "2006_9.1.1.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver\u0027s \\Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855."
},
{
"lang": "es",
"value": "El controlador de dispositivo SymTDI (SYMTDI.SYS) en Symantec Norton Personal Firewall 2006 versi\u00f3n 9.1.1.7 y anteriores, Internet Security 2005 y 2006, AntiVirus Corporate Edition versi\u00f3n 3.0.x hasta 10.1.x, y otros productos Norton, permiten a los usuarios locales causar una denegaci\u00f3n de servicio (bloqueo de sistema) al enviar datos creados al archivo \\Device del controlador, que activa un acceso a la memoria no v\u00e1lido, una vulnerabilidad diferente a la CVE-2006-4855."
}
],
"id": "CVE-2007-1476",
"lastModified": "2024-11-21T00:28:24.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-16T21:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=117396596027148\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35088"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2438"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018656"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22977"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=117396596027148\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymTDI-driver-input-buffer.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/462926/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/avcenter/security/Content/2007.09.05.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33003"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-21 14:03
Modified
2024-11-21 00:14
Severity ?
Summary
Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\SYSTEM\CurrentControlSet\Services\SNDSrvc and (2) HKLM\SYSTEM\CurrentControlSet\Services\SymEvent registry keys.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | 2006_9.1.0.33 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and RegDeleteKey operations on the (1) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SNDSrvc and (2) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SymEvent registry keys."
},
{
"lang": "es",
"value": "Norton Personal Firewall 2006 9.1.0.33 permite a usuarios locales provocar denegaci\u00f3n de servicio (caida) a trav\u00e9s de ciertas operaciones de RegSaveKey, RegRestoreKey y RegDeleteKey sobre las llaves del registro (1) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SNDSrvc y (2) HKLM\\SYSTEM\\CurrentControlSet\\Services\\SymEvent"
}
],
"id": "CVE-2006-3725",
"lastModified": "2024-11-21T00:14:16.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-21T14:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1241"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440110/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18995"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-protection-of-Norton-service-registry-keys.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440110/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18995"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27764"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-19 18:07
Modified
2024-11-21 00:16
Severity ?
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*",
"matchCriteriaId": "9A56518F-41E9-455D-9AC1-98FFDCE295C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C856CC4-0AAE-4539-A57B-0160AA5751F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*",
"matchCriteriaId": "9EE482AD-A0F8-4634-A3FE-08F112647648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*",
"matchCriteriaId": "B3FC66EB-2267-4B42-BD99-C4344DAE1C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
"matchCriteriaId": "BE15AE1D-8647-444F-90F0-FC658A3AC344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
"matchCriteriaId": "0C03FA86-F2E6-4E41-8368-E917C91D7837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
"matchCriteriaId": "95BF74F0-40F1-4395-AC85-E6B566950C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
"matchCriteriaId": "994CB184-AFE8-4673-ACE8-085813F1E71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
"matchCriteriaId": "85CF6FFB-4189-4558-A70D-DE6D4C0C1F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
"matchCriteriaId": "31D6A148-A92C-4FCA-8762-16764D62C363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
"matchCriteriaId": "3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*",
"matchCriteriaId": "AC1B69D3-8A9C-481E-8891-1ACD8479CBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*",
"matchCriteriaId": "70D72649-92F9-4820-B5A5-A14B52714809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA2590E-DFB0-4B72-99BC-B49AD97A4969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*",
"matchCriteriaId": "766C850E-817E-41AB-B0FF-413513548BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
"matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
"matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
"matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
"matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0176BE-3D55-422B-9FDD-961A00CFAC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3D7305-B8D0-4165-9F0F-50A49142EF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "69E9F1EE-CB23-42DE-8787-7F477D16329F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2D813-C219-4FF3-9C3B-DBB855480492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A00A25-A52F-4E9D-AAD0-194171C772FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F05B889-88D3-41AF-A79D-3E2F689BA1AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "A9415109-C554-40F6-851E-CC016951BDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "595CDCD1-4E0B-49E4-B726-82FAA99EF70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DBBAD310-3E2E-4E83-A605-47540668827F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "F4341136-7821-4638-9F36-93361327250E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*",
"matchCriteriaId": "497BC653-98D7-41C5-94BB-2634B9C5BF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*",
"matchCriteriaId": "094EED2C-F8FA-418B-B110-E44D90B9BA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*",
"matchCriteriaId": "15AEADC9-00B9-43BA-AABB-ADB7627CF0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*",
"matchCriteriaId": "39D769B1-B1D6-4F5C-9C66-00055D4A6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3A82AC27-8BE6-47F7-A6EC-F4C21373AA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ECAA6170-5520-4AA9-8358-5F91FD10420E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
"matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EAE76215-2A7E-4D71-8757-AE10E4A9AE0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*",
"matchCriteriaId": "AF45DF9D-D7BE-41AD-A838-0AF9A264EBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*",
"matchCriteriaId": "902A4011-83C5-4A3B-B443-C51EA855E8E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*",
"matchCriteriaId": "8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9603C423-F24A-4607-B721-D02EDA94AE8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*",
"matchCriteriaId": "574AAAA6-8181-457B-84CE-5AEB1895E3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF957AD3-B6E5-4BD7-832F-33E734817B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*",
"matchCriteriaId": "14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*",
"matchCriteriaId": "768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
"matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "88090CD5-A324-4A41-A55E-9381FBC14B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
"matchCriteriaId": "78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
"matchCriteriaId": "F6E6EC72-9B83-4685-B48E-25E4211EC280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A7F0C0E9-9665-452E-A382-04656F2009AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1D862-2CB4-4D50-9BBA-0507FEAA1924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*",
"matchCriteriaId": "7D43A376-4282-4A66-860D-50483438EC80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*",
"matchCriteriaId": "EF583EBF-0FDC-45FD-ADAE-C38D9DB34ED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "79F3EAD1-C4DA-48E8-A582-A14F4401AD15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "C37BF3DA-FD23-49A1-B97D-FD3B5896574D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E481D2-87F3-4912-BB87-5168C6A1BE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
},
{
"lang": "es",
"value": "El driver \\Device\\SymEvent en Symantec Norton Personal Firewall 2006 9.1.0.33, y otras versiones del Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, y 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0 y 10.1, Symantec pcAnywhere 11.5 y Symantec Host, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) v\u00eda una informaci\u00f3n inv\u00e1lida, como ha sido demostrado llamando a DeviceIoControl para enviar la informaci\u00f3n."
}
],
"id": "CVE-2006-4855",
"lastModified": "2024-11-21T00:16:54.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-19T18:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21938"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1591"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016889"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016892"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016893"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016894"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016895"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016896"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016897"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016898"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-04-19 16:06
Modified
2024-11-21 00:09
Severity ?
Summary
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | liveupdate | 3.0 | |
| symantec | liveupdate | 3.0.1 | |
| symantec | liveupdate | 3.0.2 | |
| symantec | liveupdate | 3.0.3 | |
| symantec | liveupdate | 3.5 | |
| symantec | norton_antivirus | 9.0.0 | |
| symantec | norton_antivirus | 9.0.1 | |
| symantec | norton_antivirus | 9.0.2 | |
| symantec | norton_antivirus | 9.0.3 | |
| symantec | norton_antivirus | 10.0 | |
| symantec | norton_antivirus | 10.0.0 | |
| symantec | norton_antivirus | 10.0.1 | |
| symantec | norton_antivirus | 10.9.1 | |
| symantec | norton_internet_security | 3.0 | |
| symantec | norton_personal_firewall | 3.0 | |
| symantec | norton_personal_firewall | 3.1 | |
| symantec | norton_system_works | 3.0 | |
| symantec | norton_utilities | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:liveupdate:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "05EE17B2-8E91-4413-A35A-183C3000B6A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:liveupdate:3.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FB2DE1ED-01B8-42A1-BA70-BA15328B2E6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:liveupdate:3.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B3F2C272-73E6-4D07-A72D-145A6BF1818C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:liveupdate:3.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "50D20D8E-A7D7-4DD6-9918-2E609A7D7620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:liveupdate:3.5:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "749C0B32-9669-4CD6-8615-BCD76C768532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "E72D8D65-340C-4505-AA80-F9E7870513EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FF0903BD-3E78-4024-A773-16100F519B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "1B390577-F1F1-4821-90FB-967E749F7CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "44073E2A-A8AB-4D1A-BCFC-8439E40E97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "9CC3459D-1F86-48A4-9DC2-0E542AEAC97D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:3.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "608F8ECE-F8A9-4659-9ED7-79ADD61E5099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "F648A08A-24EF-45A5-B7FD-00CAD5892061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_utilities:8.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "DCB3EF92-1CEA-4E57-94E7-0C596998F4CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program."
}
],
"id": "CVE-2006-1836",
"lastModified": "2024-11-21T00:09:52.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-04-19T16:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19682"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/100"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015953"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/431318/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/17571"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/1386"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/100"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.04.17b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015953"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/431318/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/17571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/1386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25839"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | 2002 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "898D5369-E2F3-450C-8554-1C692EAA9906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan."
}
],
"id": "CVE-2002-1778",
"lastModified": "2024-11-20T23:42:06.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4521"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/8859"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-07-07 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_firewall | 5.01 | |
| symantec | client_firewall | 5.1.1 | |
| symantec | client_security | 1.0 | |
| symantec | client_security | 1.1 | |
| symantec | client_security | 1.2 | |
| symantec | client_security | 1.3 | |
| symantec | client_security | 1.4 | |
| symantec | client_security | 1.5 | |
| symantec | client_security | 1.6 | |
| symantec | client_security | 1.7 | |
| symantec | client_security | 1.8 | |
| symantec | client_security | 1.9 | |
| symantec | client_security | 2.0 | |
| symantec | norton_antispam | 2004 | |
| symantec | norton_internet_security | 2002 | |
| symantec | norton_internet_security | 2002 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_personal_firewall | 2002 | |
| symantec | norton_personal_firewall | 2003 | |
| symantec | norton_personal_firewall | 2004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEFBAEB-18D4-4082-9F19-C47113841C89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA9657C-14D2-418A-AABD-96392E87F4B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "102D0C6A-31B8-4275-A805-4CA446D1C77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA18147D-E618-4902-8837-5824240DD50E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "75D357CC-EAD0-42E3-B38C-BE2DC44D154E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "201403B4-3B5C-4F77-ADAE-7A553D4D58F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A8D19926-AB65-4C06-8C44-7EA9B070FD1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0F27E94F-F6D6-4C40-878F-BF952658A909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA71038-2D4E-4366-A3D1-AD85251B3E5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "CC689F12-84C6-4B52-970F-DAF6B00B4A42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "F05FEBA2-33E8-4074-8B57-4FE6FFEF2F32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2002:*:pro:*:*:*:*:*",
"matchCriteriaId": "A5FA0458-AB41-495E-B41F-C18B4E6876CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*",
"matchCriteriaId": "1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*",
"matchCriteriaId": "D7875372-44D7-47AB-8F8C-4A3AB98FB3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "898D5369-E2F3-450C-8554-1C692EAA9906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components."
},
{
"lang": "es",
"value": "M\u00faltiples vulenrabilidades en SYMDNS.SYS de Symantec Noton Internet Security y Professional 2002 a 2004, Norton Persnoal Firewall 2002 a 2004, Norton AntiSpam 2004, Client Firewal 5.01 y 5.1.1, y Client Security 1.0 a 2.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n mediante \r\n(1) un byte de longitud manipulado en la rutina de decodificaci\u00f3n de primer nivel del Servicio de Nombres de NetBIOS (NBNS) que modifica una variable de \u00edndice que conduce a un desbordamiento de b\u00fafer en la pila,\r\n(2) un problema de corrupci\u00f3n del mont\u00f3n en una respuesta NBNS a la que le faltan ciertos campor RR, y \r\n(3) un desbordamiento de b\u00fafer basado en la pila en el componente DNS mediante un Registro de Recurso (RR) con un nombre can\u00f3nico (CNAME) largo compuest de muchos componentes m\u00e1s peque\u00f1os."
}
],
"id": "CVE-2004-0444",
"lastModified": "2024-11-20T23:48:35.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-07-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11066"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010144"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010145"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010146"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/294998"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/634414"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/637318"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6099"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6101"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6102"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10333"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10334"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/10335"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021360.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021361.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021362.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11066"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-141.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/294998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/634414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/637318"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6101"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6102"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/10335"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16137"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-05 21:17
Modified
2024-11-21 00:33
Severity ?
Summary
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D2AD14C-2BD2-4658-BDB0-232A9E26EA2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "1E739083-DFC2-4A89-9F84-E067E127D420",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E65DC45B-8FA9-453E-8249-45535EA64D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DA3717-A218-459B-891C-F3F945D42A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F11687CE-E997-4D26-ACAE-B9175348ADDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:caching:*:*:*:*:*",
"matchCriteriaId": "2F90AD67-02CB-4006-B567-631FD633DB17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "BC0F87D0-E4B5-41FC-8050-386B9CE04249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "FBBFF303-3DD6-4312-94CD-37E5170A93AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "59962A9A-10F4-4F1B-A5AB-8743C0874963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "346F8C27-F389-412C-B7C2-2CF3344E557C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*",
"matchCriteriaId": "51170553-03E8-4588-97A0-8DA57C37B5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*",
"matchCriteriaId": "A32C5A4C-9E39-4718-8BF1-283183B4A516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "301B1340-A402-4D3E-AAF8-17CD8B59517D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:caching:*:*:*:*:*",
"matchCriteriaId": "52CE5595-323D-45A2-BD05-C6B2CBD6BA38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:clearswift:*:*:*:*:*",
"matchCriteriaId": "3042D5B7-AE27-4664-87DB-679422029199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:messaging:*:*:*:*:*",
"matchCriteriaId": "671CBE65-1FCF-43B8-8D21-5C8CC7C17417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:microsoft_sharepoint:*:*:*:*:*",
"matchCriteriaId": "28BD859A-F57B-444C-8083-AE99E59B9DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:network_attached_storage:*:*:*:*:*",
"matchCriteriaId": "6158E16F-468A-4B76-8199-500FCAC1E54D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "992DB720-52A8-43D4-B74B-96C0F763ED0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "685F58DC-6BD3-499C-A9D5-BB9C909FE857",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95436CD6-8E9C-4F89-9683-0650F6167027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FC910CFD-9F20-473E-BC2D-64A7A3C14404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "849782E0-9F26-411F-82B9-88B5FC4F4C92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD87DB3-45C2-4091-A83B-25E427563C70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E0910781-9EF9-4188-AA33-1C54F01A0832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7647813B-2B9F-4B0F-96D1-C533A49DDC6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "09AD23D0-4502-4090-9172-002B92D83C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:scf_7.1:*:*:*:*:*",
"matchCriteriaId": "97AF14CF-3BD6-4A03-B543-3150C656198E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:build_9.0.0.338:stm:*:*:*:*:*",
"matchCriteriaId": "8A1E2653-A061-48BD-AC62-643CDD78E859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D86F7A-F2C0-471C-8EA8-E1C7230F25AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.4:mr4_build1000:*:*:*:*:*:*",
"matchCriteriaId": "11C1491F-01A1-47B1-87BB-6F7676448A2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "9204DC08-0809-4762-B5CB-5485E67CA31D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*",
"matchCriteriaId": "841CF36F-14A0-49A6-8442-681F25DC8DCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "DA6CFDFD-1EB4-458A-AD39-320E619593D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "05B85F14-4248-4550-BE7F-D9BAB9DC90C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build456:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "419D2E24-CA90-471D-9F35-1795F6A65B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build463:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "965DA3C4-7559-4583-A5DC-BEABEAA7E87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build465:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EBEB8E8E-DB27-45FB-90CA-2CF3A515AC4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build736:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8184E073-37B0-4654-8DF8-379EFC5FB0D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build741:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C29B7C1F-C4AB-4CAB-8177-B64F4B8A2B26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0:build743:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "D1FBFE00-4692-48C2-A6C7-9179E185A275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "DBE74BFA-003E-40CC-83E1-1AC7159B0C1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E21CDCBA-3C86-462B-8383-58C893978EBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build459:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "E6179A68-2322-4D79-9446-5A5E4B27AD33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.1:build461:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "EE92421B-C0CA-4B28-9E26-EF0A115C9330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "DC8AD646-E257-4065-B358-8B4944D327E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F50BA510-67D5-4FF1-87D0-215B68D20EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*",
"matchCriteriaId": "5CA62889-7A55-459F-BFD8-D38CD93F9219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*",
"matchCriteriaId": "766327B9-E8DA-4422-80C2-48E333161D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*",
"matchCriteriaId": "3C5FF883-831F-47CC-BD04-BBFD25BDE8DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "C6EAA83D-2073-4360-BD3C-59AF34EADE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "60D239DF-65AD-4492-AEE1-FCD36E99DD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*",
"matchCriteriaId": "7AD92ABA-2D03-46FD-85D5-33FC369015DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "9608BF57-0D9A-4874-BFDA-C92447FACD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "96E660E2-C0F9-499F-A01D-DB368179F28F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8E1C4824-3774-41EF-80E1-42A417830978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A8430D5E-A8A7-4724-8A6B-B5E2CA437729",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "A3D2C4B6-2F13-4487-989E-AC247D4D011A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "091D4557-21F6-412F-933A-9F0FD8152E28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*",
"matchCriteriaId": "2CC0DE59-149C-42DD-9516-BDB79A9BC412",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88FE6753-A619-4703-8120-F23EEC8C48EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "497635AC-D7F2-4A5C-8C37-DA493C9681A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "E72D8D65-340C-4505-AA80-F9E7870513EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "774AD674-895A-4242-9AC9-BAD6CB862785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "242D33E8-1B6B-4562-9F2A-1B34E3B7BC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "C9797D21-CD64-4B61-A4C1-AC4AD3F9B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "252ACD1B-323F-4139-880D-89D600F29986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "618F6F78-566A-4901-8B57-BB6DCAC7E892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "B2D0922A-3EA3-4BC9-9311-9DCA57338CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "EB7F329F-4390-4735-B2C2-BC6A72FBE36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A5D058F6-779B-4ED4-ADC7-A68491F72BAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:mr4_build_1000:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "29E1AF72-6D48-4DAF-904A-B55366189251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4B5EE3B2-FF16-4231-B99D-81CB10239576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "7D26AB91-36AB-4BF6-9D0D-098F04C60AAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "E5E0AB4E-4DD0-4D87-BBE5-B459A8B7301F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "4433613D-EB44-4D60-861F-F9FFA2ED4F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "7225A578-8F62-42BD-99AC-D3385478613A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "FF0903BD-3E78-4024-A773-16100F519B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "BF18D806-E781-4F17-9341-D48CBC06949E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "1B390577-F1F1-4821-90FB-967E749F7CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "88AA69B4-865C-4959-9681-62A7591D6CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "55EDC888-F593-49E8-95A4-87D8FE9CC09A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B7A47F4F-DC34-4B7D-9C3A-4631FFFC1142",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B70ACBE6-C754-4A6F-AC2F-89657DA179E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "8C6C2421-5651-4B3F-9DBC-DC411C989BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5B967B9A-215D-470A-9722-5782D0AE0980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "F4BFDD98-F70E-41A9-9245-7EC5D140D4F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "DFC9BF64-65E7-4E0E-A637-13794A02CEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "6B188333-A087-4FC7-864B-F802932455F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A33A8A08-F356-4616-A603-00ADCC062D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B5889206-CE1C-489B-8984-EE4055BBC6BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "62EA1AE0-6A8B-4C13-B95D-7F9694AD5535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4:mr4_mp1_build4010:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "B31249CA-296D-42C2-8939-61B990559BD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "5C6B6D3A-715A-45B9-8231-77A6DE847973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "73A3CB7B-DD39-48E7-8D33-1E222933A7D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "116F0C9D-9255-4B98-B1CF-C78A96240784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "A8957B43-0673-439F-86F6-5791372BA498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*",
"matchCriteriaId": "D2ACD718-6232-463A-ACEE-B06A02D3243A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "44073E2A-A8AB-4D1A-BCFC-8439E40E97E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "3967227C-FCB1-486E-A6C4-43B8004C4A12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "894F1929-1029-4B57-A66A-EA58F7D94D1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "C532E93A-5D0D-454D-8B14-F5E9C6A0499F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "D2259605-B720-42B0-8476-6CAE07C7B143",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*",
"matchCriteriaId": "F648A08A-24EF-45A5-B7FD-00CAD5892061",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:premier:*:*:*:*:*",
"matchCriteriaId": "CBB1521D-B16D-4E28-8723-AF96E95D7596",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "67EECA52-EECB-4AAA-85F9-ADBE028B8068",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "CE8022C6-360B-4A3D-AD70-3DC79B339231",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:symantec_antivirus_filtering_\\+for_domino:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "37AE8BC0-663C-4D1D-8FF5-13F682BBEE79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60B08F85-A0E6-4984-83E9-41CD29751BE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "690F3A5F-F990-41C9-9964-B033188C86F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "43E4FAC8-2893-48FA-B159-49C8AA380338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*",
"matchCriteriaId": "5D37768F-A43C-420E-85CA-A5EF3E30F47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE3F492-D08F-4558-BC19-F33BBB0D55A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*",
"matchCriteriaId": "B4CD5C31-4F4A-44F1-A3E1-2B4BB78E152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*",
"matchCriteriaId": "F39BAADB-6BF1-4871-ABEC-4BFA1321FE59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*",
"matchCriteriaId": "451A414E-1A02-45D1-8DFC-61B3E17BF12A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B05B8522-E203-49A0-8C5B-3DA7B06AF5AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD064CE-3C39-4243-B59E-CC8E48ED50DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*",
"matchCriteriaId": "9886B467-793C-4D07-9B1B-B80FA5266D29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*",
"matchCriteriaId": "676F5A96-B21B-49FF-86EA-F18F9C3931C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*",
"matchCriteriaId": "18991132-C5B6-43AB-BDCB-196BB2957F27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*",
"matchCriteriaId": "42CE2596-83A9-4A80-A8C6-825EDEAAB8B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*",
"matchCriteriaId": "CBA16BAF-6263-44EA-B3EB-187264913D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*",
"matchCriteriaId": "8E7C32F4-1225-4A4E-BD98-DFE026383482",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "76147168-37FB-444C-BD40-EFC31A0A499A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "823BD557-6352-4EC2-AE78-2C0CE6F660D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header."
},
{
"lang": "es",
"value": "El componente Decomposer en m\u00faltiples productos Symantec permite a atacantes remotos provocar denegaci\u00f3n de servicio (bucles infinitos) a trav\u00e9s de ciertos valores en el campo PACK_SIZE de una cabecera de archivo RAR."
}
],
"id": "CVE-2007-3699",
"lastModified": "2024-11-21T00:33:51.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-10-05T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36119"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-039.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-12-31 05:00
Modified
2024-11-20 23:42
Severity ?
Summary
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | norton_personal_firewall | 2002 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "898D5369-E2F3-450C-8554-1C692EAA9906",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \"block fragmented IP Packets\" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305)."
}
],
"id": "CVE-2002-1779",
"lastModified": "2024-11-20T23:42:06.403",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/4545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://online.securityfocus.com/archive/1/267850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2002.05.16.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/4545"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}