| CVE-2011-0551 |
medium |
— |
6.8 |
|
|
symantec |
15y ago |
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hi… |
| CVE-2011-0550 |
medium |
— |
4.3 |
|
|
symantec |
15y ago |
Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to… |
| CVE-2011-0546 |
medium |
— |
7.5 |
EXP |
|
symantec |
15y ago |
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute… |
| CVE-2011-1524 |
medium |
— |
5.3 |
EXP |
|
symantec |
15y ago |
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the … |
| CVE-2011-0545 |
medium |
— |
7.8 |
EXP |
|
symantec |
15y ago |
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests… |
| CVE-2009-3028 |
medium |
— |
7.8 |
EXP |
|
symantec |
16y ago |
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x expos… |
| CVE-2010-3268 |
medium |
— |
5.0 |
|
|
intelsymantec |
16y ago |
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec An… |
| CVE-2010-0113 |
medium |
— |
4.3 |
|
|
symantec |
16y ago |
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers t… |
| CVE-2009-3036 |
medium |
— |
4.3 |
|
|
symantec |
17y ago |
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2009-3035 |
medium |
— |
4.3 |
|
|
symantec |
17y ago |
The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on… |
| CVE-2003-1575 |
medium |
— |
4.6 |
|
|
symantec |
17y ago |
VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to … |
