Vulnerabilities > Symantec > Endpoint Protection > 12.1.671
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2016-9094 | Improper Input Validation vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. | 6.8 |
| 2012-12-18 | CVE-2012-4348 | Improper Input Validation vulnerability in Symantec Endpoint Protection The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors. | 7.2 |
| 2012-05-23 | CVE-2012-0295 | Code Injection vulnerability in Symantec Endpoint Protection 12.1/12.1.1000/12.1.671 The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294. | 9.3 |
| 2012-05-23 | CVE-2012-0294 | Path Traversal vulnerability in Symantec Endpoint Protection 12.1/12.1.1000/12.1.671 Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors. | 5.8 |