Vulnerabilities > Symantec > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-11-03 | CVE-2004-0920 | Unspecified vulnerability in Symantec Norton Antivirus Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name. | 5.0 |
| 2004-08-18 | CVE-2004-0375 | Remote Denial Of Service vulnerability in Symantec Client Firewall Products SYMNDIS.SYS Driver SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero. | 5.0 |
| 2004-08-06 | CVE-2004-0683 | Denial-Of-Service vulnerability in Norton AntiVirus 2003 Professional Edition Symantec Norton AntiVirus 2002 and 2003 allows remote attackers to cause a denial of service (CPU consumption) via a compressed archive that contains a large number of directories. | 5.0 |
| 2004-08-06 | CVE-2004-0671 | Unspecified vulnerability in Symantec Brightmail Antispam 6.0 Brightmail Spamfilter 6.0 and earlier beta releases allows remote attackers to read mail from other users by modifying the id parameter in a viewMsgDetails.do request. | 5.0 |
| 2004-06-15 | CVE-2004-1754 | Unspecified vulnerability in Symantec Enterprise Firewall and Gateway Security The DNS proxy (DNSd) for multiple Symantec Gateway Security products allows remote attackers to poison the DNS cache via a malicious DNS server query response that contains authoritative or additional records. | 5.0 |
| 2004-03-15 | CVE-2004-0192 | Cross-Site Scripting vulnerability in Symantec Gateway Security 5400 2.0 Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page. network symantec | 6.8 |
| 2003-12-31 | CVE-2003-1451 | Buffer Errors vulnerability in Symantec Norton Antivirus 2002 Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename. | 6.4 |
| 2003-12-31 | CVE-2003-1310 | Unspecified vulnerability in Symantec Norton Antivirus 2002/2003 The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | 4.6 |
| 2003-10-27 | CVE-2003-1149 | Cross-Site Scripting vulnerability in Symantec Norton Internet Security 20036.0.4.34 Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. network symantec | 4.3 |
| 2003-03-31 | CVE-2002-1535 | Information Disclosure vulnerability in Symantec Enterprise Firewall and Raptor Firewall Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. | 5.0 |