Symantec Client Security vulnerabilities

27 known vulnerabilities affecting symantec/client_security.

Total CVEs

27

CISA KEV

0

Public exploits

10

Exploited in wild

0

Severity breakdown

CRITICAL10HIGH3MEDIUM11LOW3

Vulnerabilities

Page 2 of 2

CVE-2006-3454HIGHCVSS 7.2v1.0v1.0.1+8 more2006-09-14

CVE-2006-3454 [HIGH] CVE-2006-3454: Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and C Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow local users to execute arbitrary code via format strings in (1) Tamper Protection and (2) Virus Alert Notification messages.

CVE-2006-4802MEDIUMCVSS 4.6v1.0v1.0.1+27 more2006-09-14

CVE-2006-4802 [MEDIUM] CVE-2006-4802: Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edit Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the v

CVE-2006-2630CRITICALCVSS 10.0PoCv3.0v3.0.2.2010+4 more2006-05-27

CVE-2006-2630 [CRITICAL] CVE-2006-2630: Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attacke Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors.

CVE-2005-0249HIGHCVSS 7.5v1.0.1_build_8.01.434v1.0.1_build_8.01.437+10 more2005-02-08

CVE-2005-0249 [HIGH] CVE-2005-0249: Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attack Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

CVE-2004-0375MEDIUMCVSS 5.0PoCv1.0v1.12004-08-18

CVE-2004-0375 [MEDIUM] CVE-2004-0375: SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 20 SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.

CVE-2004-0444CRITICALCVSS 10.0v1.0v1.1+9 more2004-07-07

CVE-2004-0444 [CRITICAL] CVE-2004-0444: Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 t Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte

CVE-2004-0445LOWCVSS 2.6PoCv1.0v1.1+9 more2004-07-07

CVE-2004-0445 [LOW] CVE-2004-0445: The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norto The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name poi

← Previous2 / 2