Vulnerabilities > Symantec > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-05-16 | CVE-2007-1173 | Remote Buffer Overflow vulnerability in Multiple Vendor XFERWAN.EXE Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet. | 10.0 |
| 2007-05-16 | CVE-2007-1689 | Buffer Overflow vulnerability in Symantec Norton Personal Firewall 2004 ActiveX Control Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions. | 10.0 |
| 2007-04-30 | CVE-2007-2375 | Remote Upgrade Remote Code Execution vulnerability in Symantec Enterprise Security Manager The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol. | 10.0 |
| 2007-03-03 | CVE-2007-1252 | Unspecified vulnerability in Symantec Mail Security 5.0 Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. | 9.3 |
| 2007-02-22 | CVE-2006-6490 | Remote Buffer Overflow vulnerability in SupportSoft ActiveX Controls Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message. | 10.0 |
| 2006-12-14 | CVE-2006-6222 | Remote vulnerability in Symantec products Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 allows remote attackers to execute arbitrary code via a long request with a malformed length prefix. | 10.0 |
| 2006-12-14 | CVE-2006-5822 | Remote vulnerability in Symantec products Stack-based buffer overflow in the NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 allows remote attackers to execute arbitrary code via a long CONNECT_OPTIONS request, a different issue than CVE-2006-6222. | 10.0 |
| 2006-12-14 | CVE-2006-4902 | Remote vulnerability in Symantec products The NetBackup bpcd daemon (bpcd.exe) in Symantec Veritas NetBackup 5.0 before 5.0_MP7, 5.1 before 5.1_MP6, and 6.0 before 6.0_MP4 does not properly check for chained commands, which allows remote attackers to execute arbitrary commands by appending malicious commands to valid commands. | 10.0 |
| 2006-05-27 | CVE-2006-2630 | Remote Stack Buffer Overflow vulnerability in Symantec Client Security and Norton Antivirus Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via unknown attack vectors. | 10.0 |
| 2006-04-25 | CVE-2006-0230 | Remote vulnerability in Symantec Antivirus Scan Engine 5.0.0.24 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests. | 10.0 |