| CVE-2011-0549 |
high |
— |
7.5 |
|
|
symantec |
15y ago |
SQL injection vulnerability in forget.php in the management GUI in Symantec Web Gateway 4.5.x allows remote attackers to execute arbitrary SQL commands via the username parameter. |
| CVE-2011-0546 |
medium |
— |
7.5 |
EXP |
|
symantec |
15y ago |
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information sent between the media server and the remote agent, which allows man-in-the-middle attackers to execute… |
| CVE-2011-1524 |
medium |
— |
5.3 |
EXP |
|
symantec |
15y ago |
Cross-site scripting (XSS) vulnerability in the management login GUI page in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to inject arbitrary web script or HTML via the … |
| CVE-2011-0545 |
medium |
— |
7.8 |
EXP |
|
symantec |
15y ago |
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests… |
| CVE-2009-3028 |
medium |
— |
7.8 |
EXP |
|
symantec |
16y ago |
The Altiris eXpress NS SC Download ActiveX control in AeXNSPkgDLLib.dll, as used in Symantec Altiris Deployment Solution 6.9.x, Notification Server 6.0.x, and Symantec Management Platform 7.0.x expos… |
| CVE-2010-3719 |
high |
— |
8.5 |
|
|
symantec |
16y ago |
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified param… |
| CVE-2011-0688 |
critical |
— |
9.3 |
|
|
symantec |
16y ago |
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 a… |
| CVE-2010-0111 |
critical |
— |
10.0 |
EXP |
|
symantec |
16y ago |
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x b… |
| CVE-2010-0110 |
high |
— |
7.9 |
|
|
symantec |
16y ago |
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 1… |
| CVE-2010-0115 |
high |
— |
7.5 |
|
|
symantec |
16y ago |
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME paramete… |
| CVE-2010-3268 |
medium |
— |
5.0 |
|
|
intelsymantec |
16y ago |
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec An… |
| CVE-2010-0114 |
high |
— |
7.5 |
|
|
symantec |
16y ago |
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on repor… |
| CVE-2010-0113 |
medium |
— |
4.3 |
|
|
symantec |
16y ago |
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers t… |
| CVE-2010-0112 |
high |
— |
7.5 |
|
|
symantec |
16y ago |
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the r… |
| CVE-2010-0131 |
critical |
— |
9.3 |
|
|
autonomysymantec |
16y ago |
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to… |
| CVE-2008-4389 |
critical |
— |
9.3 |
|
|
symantec |
16y ago |
Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle atta… |
| CVE-2010-2305 |
critical |
— |
10.0 |
EXP |
|
symantec |
16y ago |
Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808 allows remote attackers to execute arbitrary code via a long third argument to the SetRegStr… |
| CVE-2009-3032 |
critical |
— |
10.0 |
|
|
ibmsymantec |
17y ago |
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and o… |
| CVE-2010-0107 |
critical |
— |
9.3 |
|
|
symantec |
17y ago |
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3… |
| CVE-2009-3036 |
medium |
— |
4.3 |
|
|
symantec |
17y ago |
Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 before 8.4.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2010-0108 |
critical |
— |
10.0 |
EXP |
|
symantec |
17y ago |
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Secur… |
| CVE-2010-0106 |
low |
— |
1.9 |
|
|
symantec |
17y ago |
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attacker… |
| CVE-2009-3035 |
medium |
— |
4.3 |
|
|
symantec |
17y ago |
The web console in Symantec Altiris Notification Server 6.0.x before 6.0 SP3 R12 uses a hardcoded key that can decrypt SQL Server credentials and certain discovery credentials, and stores this key on… |
| CVE-2003-1575 |
medium |
— |
4.6 |
|
|
symantec |
17y ago |
VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 through 9 does not properly implement inheritance of default ACLs in certain circumstances related to … |
