CVE-2004-0444

3 documents3 sources

Severity

10.0CRITICAL

EPSS

62.8%

top 1.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Client Firewall Symantec Client Security Symantec Norton Antispam +2 more

Timeline

PublishedJul 7

Latest updateApr 29

Description

Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflo…

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages5 packages

▶NVDsymantec/norton_internet_security2002, 2003, 2004+2

▶NVDsymantec/norton_personal_firewall2002, 2003, 2004+2

▶NVDsymantec/client_firewall5.01, 5.1.1+1

▶NVDsymantec/client_security11 versions+10

▶NVDsymantec/norton_antispam2004

Patches

Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗Patch: www.kb.cert.org ↗

🔴Vulnerability Details

GHSA

GHSA-7gq9-m389-5v2h: Multiple vulnerabilities in SYMDNS↗2022-04-29

▶

CVEList

CVE-2004-0444: Multiple vulnerabilities in SYMDNS↗2004-05-20

▶