Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.
Max CVSS
6.4
EPSS Score
0.82%
Published
2003-12-31
Updated
2017-07-29
The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack").
Max CVSS
4.6
EPSS Score
0.04%
Published
2003-12-31
Updated
2017-07-29
Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page.
Max CVSS
4.3
EPSS Score
0.36%
Published
2003-10-27
Updated
2017-07-11
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
Max CVSS
7.2
EPSS Score
0.05%
Published
2003-12-15
Updated
2016-10-18
Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings.
Max CVSS
7.5
EPSS Score
0.82%
Published
2003-08-07
Updated
2017-07-11
The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.
Max CVSS
7.5
EPSS Score
0.12%
Published
2003-04-02
Updated
2016-10-18
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-03-31
Updated
2008-09-10
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
Max CVSS
5.0
EPSS Score
0.18%
Published
2003-03-31
Updated
2008-09-05
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections.
Max CVSS
7.5
EPSS Score
0.29%
Published
2003-06-09
Updated
2017-10-10
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!