High

DATE	CVE	VULNERABILITY TITLE	RISK
2016-02-18	CVE-2015-8149	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests. network low complexity symantec CWE-119	7.5
2016-02-18	CVE-2015-8148	Information Exposure vulnerability in Symantec Encryption Management Server 3.3.2 The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request. network low complexity symantec CWE-200	7.5
2009-06-08	CVE-2008-6828	Cleartext Storage of Sensitive Information vulnerability in Symantec Altiris Deployment Solution Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server. local low complexity symantec CWE-312	7.8
2009-06-08	CVE-2008-6827	Missing Authentication for Critical Function vulnerability in Symantec Altiris Deployment Solution The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 allows local users to gain SYSTEM privileges and execute arbitrary commands via a "Shatter" style attack on the "command prompt" hidden GUI button to (1) overwrite the CommandLine parameter to cmd.exe to use SYSTEM privileges and (2) modify the DLL that is loaded using the LoadLibrary API function. local low complexity symantec CWE-306	7.8
2004-11-23	CVE-2004-0079	NULL Pointer Dereference vulnerability in multiple products The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. network low complexity cisco symantec hp avaya redhat freebsd openbsd apple sco 4d checkpoint dell lite neoteris novell openssl sgi stonesoft tarantella vmware bluecoat securecomputing sun CWE-476	7.5
2004-04-15	CVE-2004-0217	Link Following vulnerability in Symantec Antivirus Scan Engine 4.0/4.3 The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. local high complexity symantec CWE-59	7.0
2002-08-12	CVE-2002-0485	Improper Handling of Case Sensitivity vulnerability in Symantec Norton Antivirus Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients. network low complexity symantec CWE-178	7.5