Vulnerabilities > Symantec > Client Security > 3.1.0.401
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-02-23 | CVE-2010-0107 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-02-19 | CVE-2010-0108 | Buffer Errors vulnerability in Symantec Antivirus, Client Security and Endpoint Protection Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function. | 10.0 |
2010-02-19 | CVE-2010-0106 | Unspecified vulnerability in Symantec Antivirus, Client Security and Endpoint Protection The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources. local symantec | 1.9 |
2007-04-02 | CVE-2007-1793 | Improper Input Validation vulnerability in Symantec products SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. | 4.9 |
2007-03-16 | CVE-2007-1476 | Improper Input Validation vulnerability in Symantec products The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006, AntiVirus Corporate Edition 3.0.x through 10.1.x, and other Norton products, allows local users to cause a denial of service (system crash) by sending crafted data to the driver's \Device file, which triggers invalid memory access, a different vulnerability than CVE-2006-4855. | 1.9 |