Vulnerabilities > Symantec > Norton Antivirus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1451 | Buffer Errors vulnerability in Symantec Norton Antivirus 2002 Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename. | 6.4 |
| 2003-12-31 | CVE-2003-1310 | Unspecified vulnerability in Symantec Norton Antivirus 2002/2003 The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | 4.6 |
| 2003-03-31 | CVE-2002-1540 | Unspecified vulnerability in Symantec Norton Antivirus Corporate7.5/Corporate7.51/Corporate7.6 The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32. | 7.2 |
| 2002-12-31 | CVE-2002-2206 | Local Denial of Service vulnerability in Symantec Norton Antivirus 2001 The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries. | 7.8 |
| 2002-08-12 | CVE-2002-0485 | Improper Handling of Case Sensitivity vulnerability in Symantec Norton Antivirus Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients. | 7.5 |
| 2001-09-07 | CVE-2001-1099 | Unrestricted Upload of File With Dangerous Type vulnerability in Symantec Norton Antivirus 2.5 The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. | 5.0 |
| 2000-06-14 | CVE-2000-0478 | Unspecified vulnerability in Symantec Norton Antivirus 1.5/2.0 In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server. | 5.0 |
| 2000-06-14 | CVE-2000-0477 | Unspecified vulnerability in Symantec Norton Antivirus 1.5/2.0 Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names. | 5.0 |
| 1999-12-22 | CVE-2000-0119 | The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | 7.2 |
| 1999-04-09 | CVE-1999-1323 | Unspecified vulnerability in Symantec Norton Antivirus Norton AntiVirus for Internet Email Gateways (NAVIEG) 1.0.1.7 and earlier, and Norton AntiVirus for MS Exchange (NAVMSE) 1.5 and earlier, store the administrator password in cleartext in (1) the navieg.ini file for NAVIEG, and (2) the ModifyPassword registry key in NAVMSE. | 4.6 |