Vulnerabilities > Symantec > WEB Security > 3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-05 | CVE-2007-3699 | Remote vulnerability in Symantec AntiVirus Malformed CAB and RAR Compression The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. | 9.3 |
| 2007-10-05 | CVE-2007-0447 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Symantec products Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | 9.3 |
| 2004-12-31 | CVE-2004-2755 | Cross-Site Scripting vulnerability in Symantec web Security 2.5/3.0/3.0.1 Cross-site scripting (XSS) vulnerability in Symantec Web Security 2.5, 3.0.0, and 3.0.1 before build 62 allows remote attackers to inject arbitrary web script or HTML via the query string in blocked URLs that are listed in (1) error or (2) block page messages. | 4.3 |