Filtered by vendor Symantec
Subscriptions
Total
574 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-0990 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2025-04-03 | N/A |
| The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout. | ||||
| CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2025-04-03 | N/A |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | ||||
| CVE-2000-0477 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | N/A |
| Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names. | ||||
| CVE-2000-0478 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | N/A |
| In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server. | ||||
| CVE-2002-1775 | 1 Symantec | 1 Norton Antivirus | 2025-04-03 | N/A |
| NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed | ||||
| CVE-2002-1778 | 1 Symantec | 1 Norton Personal Firewall | 2025-04-03 | N/A |
| Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan. | ||||
| CVE-2004-0369 | 2 Entrust, Symantec | 5 Entrust Libkmp Isakmp Library, Enterprise Firewall, Gateway Security 5300 and 2 more | 2025-04-03 | N/A |
| Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | ||||
| CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2025-04-03 | N/A |
| Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | ||||
| CVE-2001-0549 | 1 Symantec | 1 Liveupdate | 2025-04-03 | N/A |
| Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords. | ||||
| CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2025-04-03 | N/A |
| Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | ||||
| CVE-2006-3457 | 1 Symantec | 2 On-demand Agent, On-demand Protection | 2025-04-03 | N/A |
| Symantec On-Demand Agent (SODA) before 2.5 MR2 Build 2157, and the Virtual Desktop module in Symantec On-Demand Protection (SODP) before 2.6 Build 2233, do not properly encrypt files that are subject to policy-based automatic encryption, which might allow local users to read sensitive data via an unspecified decryption method. | ||||
| CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2025-04-03 | N/A |
| Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | ||||
| CVE-2006-3784 | 1 Symantec | 1 Pcanywhere | 2025-04-03 | N/A |
| Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator. | ||||
| CVE-2006-3454 | 1 Symantec | 2 Client Security, Norton Antivirus | 2025-04-03 | N/A |
| Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages. | ||||
| CVE-2002-0344 | 1 Symantec | 1 Liveupdate | 2025-04-03 | N/A |
| Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server. | ||||
| CVE-2002-0345 | 1 Symantec | 1 Norton Ghost | 2025-04-03 | N/A |
| Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges. | ||||
| CVE-2006-0230 | 1 Symantec | 1 Antivirus Scan Engine | 2025-04-03 | N/A |
| Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests. | ||||
| CVE-2006-0232 | 1 Symantec | 1 Antivirus Scan Engine | 2025-04-03 | N/A |
| Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests. | ||||
| CVE-2003-0470 | 1 Symantec | 1 Security Check | 2025-04-03 | N/A |
| Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. | ||||
| CVE-2004-1473 | 1 Symantec | 12 Firewall Vpn Appliance 100, Firewall Vpn Appliance 200, Firewall Vpn Appliance 200r and 9 more | 2025-04-03 | N/A |
| Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. | ||||