Vulnerabilities > Symantec > Norton Personal Firewall > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-05 | CVE-2007-0447 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | 9.3 |
| 2007-10-05 | CVE-2007-3699 | Remote vulnerability in Symantec AntiVirus Malformed CAB and RAR Compression The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. | 9.3 |
| 2007-05-16 | CVE-2007-1689 | Buffer Overflow vulnerability in Symantec Norton Personal Firewall 2004 ActiveX Control Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. | 10.0 |
| 2004-07-07 | CVE-2004-0444 | Buffer Overflow vulnerability in Symantec Client Firewall NetBIOS Name Service Response Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components. | 10.0 |