Symantec : Security Vulnerabilities, CVEs, Published In 2001
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-10-05
Updated
2017-12-19
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site.
Max CVSS
9.8
EPSS Score
1.73%
Published
2001-10-05
Updated
2024-02-08
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.
Max CVSS
5.0
EPSS Score
0.11%
Published
2001-09-07
Updated
2020-04-02
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
Max CVSS
5.0
EPSS Score
0.21%
Published
2001-08-02
Updated
2017-12-19
Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-08-14
Updated
2017-10-10
Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.
Max CVSS
7.5
EPSS Score
0.33%
Published
2001-06-18
Updated
2008-09-05
6 vulnerabilities found