Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3645

CWE-1894 documents4 sources

Severity

9.8CRITICAL

EPSS

75.6%

top 1.10%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Advanced Threat Protection Symantec Csapi Symantec Mail Security FOR Domino +11 more

Timeline

PublishedJun 30

Latest updateMay 13

Description

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symante…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages12 packages

▶NVDsymantec/norton_security13.0.1

▶NVDsymantec/norton_bootable_removal_tool2016.0

▶NVDsymantec/data_center_security_server6.0, 6.5, 6.6+2

▶NVDsymantec/norton_power_eraser5.0

▶NVDsymantec/endpoint_protection12.1.6

🔴Vulnerability Details

GHSA

GHSA-f66w-g7r8-43h9: Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:S↗2022-05-13

▶

CVEList

CVE-2016-3645: Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:S↗2016-06-30

▶

💥Exploits & PoCs

Exploit-DB

Symantec AntiVirus - TNEF Decoder Integer Overflow↗2016-06-29

▶