Symantec Antivirus Scan Engine vulnerabilities

CVE-2007-3699 [CRITICAL] CVE-2007-3699: The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.

CVE-2007-0447 [CRITICAL] CWE-119 CVE-2007-0447: Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote a Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

CVE-2006-0230 [CRITICAL] CVE-2006-0230: Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.

CVE-2006-0231 [MEDIUM] CVE-2006-0231: Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.

CVE-2006-0232 [MEDIUM] CVE-2006-0232: Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.

CVE-2005-2758 [CRITICAL] CVE-2005-2758: Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.

CVE-2005-1346 [LOW] CVE-2005-1346: Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Secur Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid de

CVE-2005-0249 [HIGH] CVE-2005-0249: Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attack Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

CVE-2004-0217 [HIGH] CWE-59 CVE-2004-0217: The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.