Vulnerabilities > Symantec
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-08-18 | CVE-2004-0487 | Remote Code Execution vulnerability in Symantec Norton Antivirus 2.1 A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary programs. | 10.0 |
| 2004-08-18 | CVE-2004-0375 | Remote Denial Of Service vulnerability in Symantec Client Firewall Products SYMNDIS.SYS Driver SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. | 5.0 |
| 2004-08-06 | CVE-2004-0683 | Denial-Of-Service vulnerability in Norton AntiVirus 2003 Professional Edition Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories. | 5.0 |
| 2004-08-06 | CVE-2004-0671 | Unspecified vulnerability in Symantec Brightmail Antispam 6.0 Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other users by modifying the id parameter in a viewMsgDetails.do request. | 5.0 |
| 2004-07-07 | CVE-2004-0445 | Remote DNS Response Denial Of Service vulnerability in Symantec Client Firewall The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself. | 2.6 |
| 2004-07-07 | CVE-2004-0444 | Buffer Overflow vulnerability in Symantec Client Firewall NetBIOS Name Service Response Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allow remote attackers to cause a denial of service or execute arbitrary code via (1) a manipulated length byte in the first-level decoding routine for NetBIOS Name Service (NBNS) that modifies an index variable and leads to a stack-based buffer overflow, (2) a heap-based corruption problem in an NBNS response that is missing certain RR fields, and (3) a stack-based buffer overflow in the DNS component via a Resource Record (RR) with a long canonical name (CNAME) field composed of many smaller components. | 10.0 |
| 2004-06-15 | CVE-2004-1754 | Unspecified vulnerability in Symantec Enterprise Firewall and Gateway Security The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | 5.0 |
| 2004-04-15 | CVE-2004-0364 | Remote Command Execution vulnerability in Symantec Norton Internet Security 2004 The WrapNISUM ActiveX component (WrapUM.dll) in Norton Internet Security 2004 is marked safe for scripting, which allows remote attackers to execute arbitrary programs via the LaunchURL method. | 7.5 |
| 2004-04-15 | CVE-2004-0363 | Buffer Overrun vulnerability in Symantec Norton Antispam 2004 Stack-based buffer overflow in the SymSpamHelper ActiveX component (symspam.dll) in Norton AntiSpam 2004, as used in Norton Internet Security 2004, allows remote attackers to execute arbitrary code via a long parameter to the LaunchCustomRuleWizard method. | 7.5 |
| 2004-04-15 | CVE-2004-0217 | Link Following vulnerability in Symantec Antivirus Scan Engine 4.0/4.3 The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. | 7.0 |