Vulnerabilities > Symantec > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-03-26 | CVE-2013-1609 | Local Privilege Escalation vulnerability in Symantec Enterprise Vault for File System Archiving 10.0.0 Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program. | 6.8 |
| 2013-03-26 | CVE-2013-1608 | Path Traversal vulnerability in Symantec Netbackup Appliance 2.0.0 Directory traversal vulnerability in the Management Console on the Symantec NetBackup (NBU) appliance 2.0.x allows remote attackers to read arbitrary files via unspecified vectors. | 6.7 |
| 2013-02-18 | CVE-2012-6533 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec Encryption Desktop and PGP Desktop Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application. | 4.4 |
| 2013-02-18 | CVE-2012-4351 | Numeric Errors vulnerability in Symantec Encryption Desktop and PGP Desktop Integer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 allows local users to gain privileges via a crafted application. | 6.9 |
| 2012-12-05 | CVE-2012-4347 | Path Traversal vulnerability in Symantec Messaging Gateway Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. | 5.0 |
| 2012-10-18 | CVE-2012-0306 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec Ghost Solutions Suite Symantec Ghost Solution Suite 2.x through 2.5.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted backup file. | 6.8 |
| 2012-08-29 | CVE-2012-0308 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Messaging Gateway Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators. | 6.8 |
| 2012-08-29 | CVE-2012-0307 | Cross-Site Scripting vulnerability in Symantec Messaging Gateway Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content. | 4.3 |
| 2012-08-22 | CVE-2010-3497 | Permissions, Privileges, and Access Controls vulnerability in Symantec Norton Antivirus 2011 Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. | 6.4 |
| 2012-07-23 | CVE-2012-2977 | Permissions, Privileges, and Access Controls vulnerability in Symantec web Gateway The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script. | 5.0 |