Vulnerabilities > Symantec > Antivirus Scan Engine > High

DATE CVE VULNERABILITY TITLE RISK
2005-02-08 CVE-2005-0249 Unspecified vulnerability in Symantec products
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
network
low complexity
symantec
7.5
2004-04-15 CVE-2004-0217 Link Following vulnerability in Symantec Antivirus Scan Engine 4.0/4.3
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
local
high complexity
symantec CWE-59
7.0