Vulnerabilities > Symantec > Ghost Solutions Suite
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-09-20 | CVE-2015-5689 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Deployment Solution and Ghost Solutions Suite ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image. | 6.8 |
| 2012-10-18 | CVE-2012-0306 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec Ghost Solutions Suite Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file. | 6.8 |
| 2008-02-08 | CVE-2008-0640 | Improper Authentication vulnerability in Symantec Ghost Solutions Suite 1.1/2.0.0/2.0.1 Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. | 10.0 |
| 2007-06-08 | CVE-2007-3132 | Denial of Service vulnerability in Symantec Ghost Solutions Suite and Norton Ghost Multiple vulnerabilities in Symantec Ghost Solution Suite 2.0.0 and earlier, with Ghost 8.0.992 and possibly other versions, allow remote attackers to cause a denial of service (client or server crash) via malformed requests to the daemon port, 1346/udp or 1347/udp. | 5.0 |
| 2006-03-19 | CVE-2006-1286 | Information Disclosure vulnerability in Symantec Ghost Solutions Suite and Norton Ghost Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database. | 2.1 |
| 2006-03-19 | CVE-2006-1285 | Local Information Disclosure and Data Corruption vulnerability in Symantec Ghost Solutions Suite and Norton Ghost SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, gives read and write permissions to all users for database shared memory sections, which allows local users to access and possibly modify certain information. | 3.2 |
| 2006-03-19 | CVE-2006-1284 | Local Administrative Authentication Credentials Disclosure vulnerability in Symantec Ghost Solutions Suite and Norton Ghost The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks. | 4.6 |