CVE-2016-5308 : The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec En

The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE) file.

Published 2016-07-12 02:00:13

Updated 2025-04-12 10:46:41

Source Symantec Corporation

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2016-5308

Symantec » Client Intrusion Detection System
Versions before (<) 15.0.6
cpe:2.3:a:symantec:client_intrusion_detection_system:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
Symantec » Client Intrusion Detection System
Versions before (<) 15.1.2
cpe:2.3:a:symantec:client_intrusion_detection_system:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows

Exploit prediction scoring system (EPSS) score for CVE-2016-5308

EPSS FAQ

1.63%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 80 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-5308

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.1	HIGH	AV:N/AC:M/Au:N/C:N/I:N/A:C	8.6	6.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Complete
5.5	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H	1.8	3.6	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-5308

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-5308

http://www.securitytracker.com/id/1036264

Norton Security CIDS Driver Memory Corruption Error in Processing PE Files Lets Remote Users Cause the Target System to Crash - SecurityTracker
Third Party Advisory;VDB Entry
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_01

Symantec Client IDS Driver PE File Memory Corruption Denial of Service
Vendor Advisory
http://www.securityfocus.com/bid/91608

Symantec Endpoint Security and Norton Security CVE-2016-5308 Denial of Service Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1036265

Symantec Endpoint Protection CIDS Driver Memory Corruption Error in Processing PE Files Lets Remote Users Cause the Target System to Crash - SecurityTracker
Third Party Advisory;VDB Entry

Jump to

Vulnerability Details : CVE-2016-5308

Products affected by CVE-2016-5308

Exploit prediction scoring system (EPSS) score for CVE-2016-5308

CVSS scores for CVE-2016-5308

CWE ids for CVE-2016-5308

References for CVE-2016-5308