Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack.
Max CVSS
5.0
EPSS Score
0.73%
Published
1999-11-29
Updated
2008-09-09
Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.
Max CVSS
5.0
EPSS Score
0.31%
Published
1999-12-16
Updated
2008-09-09
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
Max CVSS
5.0
EPSS Score
0.93%
Published
1999-05-28
Updated
2016-10-18
Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE.
Max CVSS
4.6
EPSS Score
0.04%
Published
1999-04-09
Updated
2016-10-18
Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0.
Max CVSS
5.1
EPSS Score
0.22%
Published
1997-05-04
Updated
2008-09-05
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
Max CVSS
7.2
EPSS Score
0.05%
Published
1999-12-22
Updated
2016-10-18
Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL.
Max CVSS
5.0
EPSS Score
3.73%
Published
2000-03-17
Updated
2008-09-10
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt.
Max CVSS
5.0
EPSS Score
1.17%
Published
2000-04-09
Updated
2008-09-10
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
Max CVSS
10.0
EPSS Score
0.83%
Published
2000-04-06
Updated
2008-09-10
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
Max CVSS
5.0
EPSS Score
1.55%
Published
2000-04-25
Updated
2008-09-10
Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.
Max CVSS
5.0
EPSS Score
0.55%
Published
2000-06-14
Updated
2017-10-10
In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.
Max CVSS
5.0
EPSS Score
0.28%
Published
2000-06-14
Updated
2017-10-10
Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.
Max CVSS
10.0
EPSS Score
6.52%
Published
2000-10-20
Updated
2008-09-05
I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 characters, which allows an attacker to cause reporting errors.
Max CVSS
5.0
EPSS Score
0.09%
Published
2000-12-11
Updated
2017-10-10
Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.
Max CVSS
7.5
EPSS Score
0.33%
Published
2001-06-18
Updated
2008-09-05
Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-08-14
Updated
2017-10-10
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
Max CVSS
5.0
EPSS Score
0.21%
Published
2001-08-02
Updated
2017-12-19
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.
Max CVSS
5.0
EPSS Score
0.11%
Published
2001-09-07
Updated
2020-04-02
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
Max CVSS
9.8
EPSS Score
1.73%
Published
2001-10-05
Updated
2024-02-08
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-10-05
Updated
2017-12-19
The Notify daemon for Symantec Enterprise Firewall (SEF) 6.5.x drops large alerts when SNMP is used as the transport, which could prevent some alerts from being sent in the event of an attack.
Max CVSS
5.0
EPSS Score
0.09%
Published
2002-05-31
Updated
2017-10-10
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
Max CVSS
5.0
EPSS Score
0.12%
Published
2002-05-31
Updated
2016-10-18
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
Max CVSS
5.0
EPSS Score
0.61%
Published
2002-06-25
Updated
2016-10-18
Symantec Ghost 7.0 stores usernames and passwords in plaintext in the NGServer\params registry key, which could allow an attacker to gain privileges.
Max CVSS
7.5
EPSS Score
0.27%
Published
2002-06-25
Updated
2016-10-18
Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients.
Max CVSS
7.5
EPSS Score
0.29%
Published
2002-08-12
Updated
2024-02-02
571 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!