Vulnerabilities > Symantec
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-12-31 | CVE-2004-1483 | Multiple vulnerability in Symantec Clientless VPN Gateway 4400 5.0 Multiple unknown vulnerabilities in the ActiveX and HTML file browsers in Symantec Clientless VPN Gateway 4400 Series 5.0 have unknown attack vectors and unknown impact. | 10.0 |
| 2004-12-31 | CVE-2004-1474 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 uses a default read/write SNMP community string, which allows remote attackers to alter the firewall's configuration file. | 5.0 |
| 2004-12-31 | CVE-2004-1473 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP port scan with a source port of UDP 53. | 5.0 |
| 2004-12-31 | CVE-2004-1472 | Remote vulnerability in Symantec Enterprise Firewall/VPN Appliance Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service (device freeze) via a fast UDP port scan on the WAN interface. | 5.0 |
| 2004-12-31 | CVE-2004-0369 | Remote IPsec/ISAKMP Buffer Overflow vulnerability in Entrust LibKMP ISAKMP Library Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 through 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote attackers to execute arbitrary code via a crafted ISAKMP payload. | 7.5 |
| 2004-12-17 | CVE-2004-1768 | Unspecified vulnerability in Symantec Brightmail Antispam 6.0.1 The character converters in the Spamhunter and Language ID modules for Symantec Brightmail AntiSpam 6.0.1 before patch 132 allow remote attackers to cause a denial of service (crash) via messages with the ISO-8859-10 character set, which is not recognized by the converters. | 5.0 |
| 2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | 5.0 |
| 2004-11-23 | CVE-2004-0079 | NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | 7.5 |
| 2004-11-03 | CVE-2004-0920 | Unspecified vulnerability in Symantec Norton Antivirus Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name. | 5.0 |
| 2004-09-21 | CVE-2004-1694 | Remote Database Default Password vulnerability in Symantec ON Command CCM and ON Icommand Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access. | 7.5 |