# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2020-12593 |
|
|
|
2020-11-18 |
2020-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. |
2 |
CVE-2020-5839 |
200 |
|
+Info |
2020-07-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. |
3 |
CVE-2020-5834 |
22 |
|
Dir. Trav. |
2020-05-11 |
2020-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory. |
4 |
CVE-2018-18365 |
|
|
|
2019-04-09 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic. |
5 |
CVE-2018-12243 |
611 |
|
|
2018-09-19 |
2018-12-08 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible. |
6 |
CVE-2018-5243 |
400 |
|
DoS |
2018-08-20 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. |
7 |
CVE-2018-5240 |
|
|
+Priv |
2018-07-25 |
2019-10-03 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. |
8 |
CVE-2017-15532 |
22 |
|
Dir. Trav. |
2017-12-20 |
2018-01-05 |
5.5 |
None |
Local Network |
Low |
??? |
Complete |
None |
None |
Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files. |
9 |
CVE-2017-15531 |
287 |
|
|
2018-01-23 |
2018-05-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter. |
10 |
CVE-2017-15527 |
22 |
|
Dir. Trav. |
2017-11-20 |
2017-12-12 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs. |
11 |
CVE-2017-15526 |
476 |
|
|
2017-11-13 |
2017-11-29 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario. |
12 |
CVE-2017-15525 |
|
|
DoS |
2017-11-13 |
2019-10-03 |
5.5 |
None |
Local Network |
Low |
??? |
None |
None |
Complete |
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network. |
13 |
CVE-2017-6323 |
611 |
|
DoS |
2018-04-16 |
2018-05-23 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. |
14 |
CVE-2016-5306 |
200 |
|
+Info |
2016-06-30 |
2017-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445. |
15 |
CVE-2015-8151 |
78 |
|
Exec Code |
2016-02-18 |
2016-12-06 |
5.8 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access. |
16 |
CVE-2015-8149 |
119 |
|
DoS Overflow Mem. Corr. |
2016-02-18 |
2016-12-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. |
17 |
CVE-2015-8148 |
200 |
|
+Info |
2016-02-18 |
2016-12-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. |
18 |
CVE-2015-6548 |
89 |
|
Exec Code Sql |
2015-09-20 |
2016-12-22 |
5.8 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
19 |
CVE-2015-4334 |
200 |
|
+Info |
2015-12-07 |
2019-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5, 6.5 before 6.5.7.1, and 6.6 before 6.6.2.1 forwards authentication challenges from upstream origin content servers (OCS) when used in an explicit proxy deployment, which makes it easier for remote attackers to obtain sensitive information via a 407 (aka Proxy Authentication Required) HTTP status code, as demonstrated when using NTLM authentication. |
20 |
CVE-2015-1490 |
22 |
|
Dir. Trav. |
2015-08-01 |
2017-09-21 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package. |
21 |
CVE-2015-1487 |
20 |
|
|
2015-08-01 |
2017-09-21 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename. |
22 |
CVE-2014-7287 |
74 |
|
|
2015-02-01 |
2017-09-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header. |
23 |
CVE-2014-3436 |
310 |
|
DoS |
2014-08-22 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Symantec Encryption Desktop 10.3.x before 10.3.2 MP3, and Symantec PGP Desktop 10.0.x through 10.2.x, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted encrypted e-mail message that decompresses to a larger size. |
24 |
CVE-2014-1651 |
89 |
|
Exec Code Sql |
2014-06-18 |
2017-12-28 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in clientreport.php in the management console in Symantec Web Gateway (SWG) before 5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. |
25 |
CVE-2014-1650 |
89 |
|
Exec Code Sql |
2014-06-18 |
2017-12-28 |
5.2 |
None |
Local Network |
Low |
??? |
Partial |
Partial |
Partial |
SQL injection vulnerability in user.php in the management console in Symantec Web Gateway (SWG) before 5.2.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. |
26 |
CVE-2012-4347 |
22 |
|
Dir. Trav. |
2012-12-05 |
2013-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. |
27 |
CVE-2012-2977 |
264 |
|
|
2012-07-23 |
2017-12-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script. |
28 |
CVE-2012-0301 |
287 |
|
|
2012-07-05 |
2012-07-06 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors. |
29 |
CVE-2012-0294 |
22 |
|
Dir. Trav. |
2012-05-23 |
2012-10-30 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors. |
30 |
CVE-2012-0292 |
20 |
1
|
DoS |
2012-03-08 |
2018-01-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631. |
31 |
CVE-2012-0291 |
20 |
|
DoS |
2012-02-22 |
2018-01-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response. |
32 |
CVE-2010-3268 |
20 |
|
DoS |
2010-12-22 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request. |
33 |
CVE-2009-3110 |
362 |
|
|
2009-09-08 |
2013-02-07 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
Race condition in the file transfer functionality in Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 allows remote attackers to read sensitive files and prevent client updates by connecting to the file transfer port before the expected client does. |
34 |
CVE-2009-1432 |
20 |
|
|
2009-04-30 |
2019-07-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled. |
35 |
CVE-2008-2512 |
22 |
|
Dir. Trav. |
2008-06-02 |
2017-08-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors. |
36 |
CVE-2007-6017 |
20 |
|
DoS |
2008-02-29 |
2011-03-08 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server (BEWS) 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of service (browser crash), or create or overwrite arbitrary files, via string values of the (1) _DOWText0, (2) _DOWText1, (3) _DOWText2, (4) _DOWText3, (5) _DOWText4, (6) _DOWText5, (7) _DOWText6, (8) _MonthText0, (9) _MonthText1, (10) _MonthText2, (11) _MonthText3, (12) _MonthText4, (13) _MonthText5, (14) _MonthText6, (15) _MonthText7, (16) _MonthText8, (17) _MonthText9, (18) _MonthText10, and (19) _MonthText11 properties. NOTE: the vendor states "Authenticated user involvement required," but authentication is not needed to attack a client machine that loads this control. |
37 |
CVE-2007-4346 |
399 |
|
DoS |
2007-11-29 |
2018-10-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Job Engine (bengine.exe) service in Symantec Backup Exec for Windows Servers (BEWS) 11d build 11.0.7170 and 11.0.6.6235 allows remote attackers to cause a denial of service (NULL dereference and service crash) via a crafted packet to port 5633/tcp. |
38 |
CVE-2007-3665 |
|
|
DoS |
2007-07-10 |
2008-11-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other functions. |
39 |
CVE-2007-3132 |
|
|
DoS |
2007-06-08 |
2018-10-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp. |
40 |
CVE-2007-1593 |
399 |
|
DoS |
2007-06-04 |
2017-07-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer. |
41 |
CVE-2006-5545 |
|
|
|
2006-10-26 |
2017-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay. |
42 |
CVE-2006-5403 |
|
|
DoS Exec Code Overflow |
2006-10-19 |
2017-07-20 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Stack-based buffer overflow in an ActiveX control used in Symantec Automated Support Assistant, as used in Norton AntiVirus, Internet Security, and System Works 2005 and 2006, allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. |
43 |
CVE-2006-4562 |
|
|
|
2006-09-06 |
2018-10-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
** DISPUTED ** The proxy DNS service in Symantec Gateway Security (SGS) allows remote attackers to make arbitrary DNS queries to third-party DNS servers, while hiding the source IP address of the attacker. NOTE: another researcher has stated that the default configuration does not proxy DNS queries received on the external interface. |
44 |
CVE-2006-4314 |
|
|
DoS |
2006-08-23 |
2018-10-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers to cause a denial of service (hang) via a malformed ESM agent request. |
45 |
CVE-2006-4014 |
|
|
DoS |
2006-08-07 |
2011-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) "by sending invalid posts". |
46 |
CVE-2006-2341 |
200 |
|
+Info |
2006-05-12 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI. |
47 |
CVE-2006-0232 |
|
|
+Info |
2006-04-25 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests. |
48 |
CVE-2005-4695 |
|
|
DoS |
2005-12-31 |
2011-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages. |
49 |
CVE-2005-3217 |
|
|
Bypass |
2005-10-14 |
2016-10-18 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. |
50 |
CVE-2005-0922 |
|
|
DoS |
2005-05-02 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unknown vulnerability in the Auto-Protect module in Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (system hang or crash) by triggering a scan of a certain file type. |