Symantec Workspace Virtualization before 6.x before 6.4.1953.0, when a virtual application layer is configured, allows local users to gain privileges via an application that performs crafted interaction with the operating system.
Max CVSS
6.6
EPSS Score
0.12%
Published
2013-08-05
Updated
2013-10-07
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 does not properly implement RADIUS authentication, which allows remote attackers to execute arbitrary code by leveraging access to the login prompt.
Max CVSS
5.8
EPSS Score
3.37%
Published
2013-08-01
Updated
2017-11-18
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 has an incorrect sudoers file, which allows local users to bypass intended access restrictions via a command.
Max CVSS
7.2
EPSS Score
0.04%
Published
2013-08-01
Updated
2014-01-17
Cross-site request forgery (CSRF) vulnerability in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.0
EPSS Score
0.22%
Published
2013-08-01
Updated
2014-01-17
Heap-based buffer overflow in the utility program in the Linux agent in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via unspecified vectors.
Max CVSS
7.9
EPSS Score
1.88%
Published
2013-08-05
Updated
2013-08-22
Multiple SQL injection vulnerabilities in the management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allow remote authenticated administrators to execute arbitrary SQL commands via unspecified vectors.
Max CVSS
7.4
EPSS Score
0.15%
Published
2013-08-01
Updated
2014-01-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote attackers to execute arbitrary commands by injecting a command into an application script.
Max CVSS
8.3
EPSS Score
2.55%
Published
2013-08-01
Updated
2014-01-17
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
7.9
EPSS Score
0.67%
Published
2013-06-20
Updated
2013-06-20
Unquoted Windows search path vulnerability in RDDService in Symantec PGP Desktop 10.0.x through 10.2.x and Symantec Encryption Desktop 10.3.0 before MP3 allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory.
Max CVSS
6.8
EPSS Score
0.04%
Published
2013-08-05
Updated
2013-08-05
Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.
Max CVSS
6.8
EPSS Score
0.04%
Published
2013-03-26
Updated
2013-03-27
Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors.
Max CVSS
6.7
EPSS Score
0.08%
Published
2013-03-26
Updated
2013-03-26
Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application.
Max CVSS
6.9
EPSS Score
0.04%
Published
2013-02-18
Updated
2013-02-18
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!