Filtered by vendor Symantec
Subscribe
Total
573 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-1779 | 1 Symantec | 1 Norton Personal Firewall | 2023-12-10 | 7.5 HIGH | N/A |
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305). | |||||
CVE-2002-2317 | 1 Symantec | 1 Velociraptor | 2023-12-10 | 7.8 HIGH | N/A |
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | |||||
CVE-2003-0936 | 1 Symantec | 1 Pcanywhere | 2023-12-10 | 7.2 HIGH | N/A |
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe. | |||||
CVE-2004-1483 | 1 Symantec | 1 Clientless Vpn Gateway 4400 | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | |||||
CVE-2004-1694 | 1 Symantec | 2 On Command Ccm, On Icommand | 2023-12-10 | 7.5 HIGH | N/A |
Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access. | |||||
CVE-2001-0598 | 1 Symantec | 1 Norton Ghost | 2023-12-10 | 5.0 MEDIUM | N/A |
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled. | |||||
CVE-2002-1695 | 2 Microsoft, Symantec | 3 Internet Information Server, Internet Information Services, Norton Internet Security | 2023-12-10 | 5.0 MEDIUM | N/A |
Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running. | |||||
CVE-2003-1310 | 1 Symantec | 1 Norton Antivirus | 2023-12-10 | 4.6 MEDIUM | N/A |
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | |||||
CVE-2001-1126 | 1 Symantec | 1 Liveupdate | 2023-12-10 | 5.0 MEDIUM | N/A |
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. | |||||
CVE-2002-1463 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections. | |||||
CVE-2004-1754 | 1 Symantec | 2 Enterprise Firewall, Gateway Security | 2023-12-10 | 5.0 MEDIUM | N/A |
The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | |||||
CVE-2003-1451 | 1 Symantec | 1 Norton Antivirus | 2023-12-10 | 6.4 MEDIUM | N/A |
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename. | |||||
CVE-2002-2294 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). |