The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic.
Max CVSS
5.0
EPSS Score
0.98%
Published
2012-05-24
Updated
2018-01-05

CVE-2012-0299

Public exploit
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors.
Max CVSS
10.0
EPSS Score
96.99%
Published
2012-05-21
Updated
2017-12-05
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors.
Max CVSS
6.4
EPSS Score
0.31%
Published
2012-05-21
Updated
2017-12-05

CVE-2012-0297

Public exploit
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.
Max CVSS
10.0
EPSS Score
97.42%
Published
2012-05-21
Updated
2017-12-05
Multiple cross-site scripting (XSS) vulnerabilities in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
23.58%
Published
2012-05-21
Updated
2012-05-22
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
Max CVSS
9.3
EPSS Score
1.57%
Published
2012-05-23
Updated
2013-01-04
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors.
Max CVSS
5.8
EPSS Score
0.25%
Published
2012-05-23
Updated
2012-10-30
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
Max CVSS
7.2
EPSS Score
0.17%
Published
2012-05-23
Updated
2012-10-30
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!