Symantec Norton Antivirus vulnerabilities

CVE-2003-0994 [HIGH] CVE-2003-0994: The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as us The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.

CVE-2003-1451 [MEDIUM] CWE-119 CVE-2003-1451: Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.

CVE-2003-1310 [MEDIUM] CVE-2003-1310: The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 20 The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").

CVE-2002-1540 [HIGH] CVE-2002-1540: The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x bef The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.

CVE-2002-1775 [HIGH] CVE-2002-1775: NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect th

CVE-2002-1776 [HIGH] CVE-2002-1776: NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attac NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the

CVE-2002-1777 [HIGH] CVE-2002-1777: NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is used by Outlook to obtain the file name. NOTE: the vendor has dispu

CVE-2002-2206 [HIGH] CVE-2002-2206: The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial o The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.

CVE-2002-1774 [HIGH] CVE-2002-1774: NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attac NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it

CVE-2001-1099 [MEDIUM] CWE-434 CVE-2001-1099: The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attacker The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.

CVE-2000-0793 [CRITICAL] CVE-2000-0793: Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protecti Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.

CVE-2000-0477 [MEDIUM] CVE-2000-0477: Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a de Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.

CVE-2000-0478 [MEDIUM] CVE-2000-0478: In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows v In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.

CVE-2000-0238 [MEDIUM] CVE-2000-0238: Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote att Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL.

CVE-1999-1004 [MEDIUM] CVE-1999-1004: Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.

CVE-1999-1323 [MEDIUM] CVE-1999-1323: Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.