Vulnerabilities > Symantec > Antivirus Scan Engine > 5.0.0.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-25 | CVE-2006-0232 | Remote vulnerability in Symantec Antivirus Scan Engine 5.0.0.24 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests. | 5.0 |
2006-04-25 | CVE-2006-0231 | Remote vulnerability in Symantec Antivirus Scan Engine 5.0.0.24 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications. | 6.4 |
2006-04-25 | CVE-2006-0230 | Remote vulnerability in Symantec Antivirus Scan Engine 5.0.0.24 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests. | 10.0 |