| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2018-5236 |
362 |
|
|
2018-06-20 |
2018-08-11 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
|
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events. |
|
2 |
CVE-2017-13680 |
284 |
|
|
2017-11-06 |
2017-11-29 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system. |
|
3 |
CVE-2017-6331 |
284 |
|
Bypass |
2017-11-06 |
2017-11-29 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients. |
|
4 |
CVE-2016-5305 |
79 |
|
XSS |
2016-06-30 |
2017-08-31 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack. |
|
5 |
CVE-2016-3652 |
79 |
|
XSS |
2016-06-30 |
2017-09-02 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
6 |
CVE-2016-2206 |
264 |
|
|
2016-07-11 |
2017-08-31 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read arbitrary files by modifying the file-download configuration file. |
|
7 |
CVE-2015-8801 |
284 |
|
Bypass |
2016-06-30 |
2017-08-31 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device. |
|
8 |
CVE-2015-6549 |
79 |
|
XSS |
2015-10-05 |
2016-12-09 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
9 |
CVE-2014-9224 |
79 |
|
XSS |
2015-01-21 |
2018-10-09 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x through 6.0 MP1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
10 |
CVE-2013-1611 |
79 |
|
XSS |
2013-05-09 |
2013-05-10 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
|
11 |
CVE-2012-3581 |
200 |
|
+Info |
2012-08-29 |
2013-10-10 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. |
|
12 |
CVE-2012-0300 |
264 |
|
+Info |
2012-07-05 |
2012-07-17 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors. |
|
13 |
CVE-2010-0109 |
119 |
|
DoS Overflow |
2018-02-19 |
2018-03-18 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. |
|
14 |
CVE-2009-3029 |
79 |
|
XSS |
2009-10-15 |
2013-02-06 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the console in Symantec SecurityExpressions Audit and Compliance Server 4.1.1, 4.1, and earlier allows remote authenticated users to inject arbitrary web script or HTML via "external client input" that triggers crafted error messages. |
|
15 |
CVE-2008-2288 |
264 |
|
DoS +Info |
2008-05-18 |
2017-08-07 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information. |
|
16 |
CVE-2006-4266 |
|
|
+Priv |
2006-08-21 |
2018-10-17 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this. |
|
17 |
CVE-2006-3786 |
|
|
|
2006-07-24 |
2018-10-17 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag. |
|
18 |
CVE-2006-1285 |
|
|
|
2006-03-19 |
2008-09-05 |
3.2 |
None |
Local |
Low |
Single system |
Partial |
Partial |
None |
|
SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information. |
|
19 |
CVE-2004-0217 |
|
|
|
2004-04-15 |
2017-07-10 |
3.7 |
User |
Local |
High |
Not required |
Partial |
Partial |
Partial |
|
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. |
