The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Endpoint Protection Symantec

computer vulnerability note CVE-2018-12238 CVE-2018-12239 CVE-2018-12245

Symantec Endpoint Protection: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted products: SEP.
Severity: 2/4.
Consequences: user access/rights, data flow.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/11/2018.
Identifiers: CERTFR-2018-AVI-576, CVE-2018-12238, CVE-2018-12239, CVE-2018-12245, SYMSA1468, VIGILANCE-VUL-27909.

Description of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.

computer vulnerability announce CVE-2018-5236 CVE-2018-5237

Symantec Endpoint Protection: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted products: SEP.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/06/2018.
Identifiers: CVE-2018-5236, CVE-2018-5237, SYMSA1454, VIGILANCE-VUL-26467.

Description of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.

computer vulnerability note CVE-2017-13680 CVE-2017-13681 CVE-2017-6331

Symantec Endpoint Protection: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted products: SEP.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data deletion.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 3.
Creation date: 07/11/2017.
Identifiers: CVE-2017-13680, CVE-2017-13681, CVE-2017-6331, SYM17-011, VIGILANCE-VUL-24359.

Description of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.

computer vulnerability note CVE-2016-9093 CVE-2016-9094

Symantec Endpoint Protection: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted products: SEP.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/03/2017.
Identifiers: CVE-2016-9093, CVE-2016-9094, SYM17-002, VIGILANCE-VUL-22029.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection.

An attacker can generate a memory corruption via the SymEvent driver, in order to trigger a denial of service, and possibly to run code with kernel privileges. [severity:3/4; CVE-2016-9093]

An attacker can make the product record data about a verified file in such a way that an executable formula will be run after a log export to a spreadsheet. [severity:2/4; CVE-2016-9094]

computer vulnerability note CVE-2016-6592

Norton: code execution via the "Download Manager"

Synthesis of the vulnerability

An attacker can use a vulnerability via Download Manager of Norton, in order to run code.
Impacted products: Norton Antivirus, Norton Internet Security, Norton Security, SEP.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user shell.
Creation date: 18/01/2017.
Identifiers: CVE-2016-6592, SYM17-001, VIGILANCE-VUL-21619.

Description of the vulnerability

An attacker can use a vulnerability via Download Manager of Norton, in order to run code. The error is of the kind described in VIGILANCE-VUL-18671.

computer vulnerability alert CVE-2016-5311

Norton, Symantec Endpoint Protection: privilege escalation via DLL Pre-loading

Synthesis of the vulnerability

An attacker can bypass restrictions via DLL Pre-loading of Norton or Symantec Endpoint Protection, in order to escalate his privileges.
Impacted products: Norton Antivirus, Norton Internet Security, Norton Security, SEP.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Creation date: 18/11/2016.
Identifiers: CVE-2016-5311, SYM16-021, VIGILANCE-VUL-21156.

Description of the vulnerability

An attacker can bypass restrictions via DLL Pre-loading of Norton or Symantec Endpoint Protection, in order to escalate his privileges.

vulnerability note CVE-2016-5309 CVE-2016-5310

Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security: two vulnerabilities via RAR archives

Synthesis of the vulnerability

An attacker can use several vulnerabilities via the RAR archives analyser of Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security.
Impacted products: SEP, Symantec Mail Security, Symantec Web Gateway, SWS.
Severity: 3/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 20/09/2016.
Revision date: 21/09/2016.
Identifiers: CVE-2016-5309, CVE-2016-5310, VIGILANCE-VUL-20654.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security.

An attacker can generate a memory corruption in the RAR analyser, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5310]

An attacker can generate a read-only buffer overflow in the RAR archive analyser, in order to trigger a denial of service. [severity:2/4; CVE-2016-5309]

vulnerability CVE-2016-5308

Symantec Endpoint Protection, Norton Security: memory corruption in the parser for executable files

Synthesis of the vulnerability

An attacker can generate a memory corruption in the executable file parser of Symantec Endpoint Protection and Norton Security, in order to trigger a denial of service, and possibly to run code with kernel privileges.
Impacted products: Norton Security, SEP.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on server.
Provenance: document.
Creation date: 08/07/2016.
Identifiers: CVE-2016-5308, SYM16-013, TALOS-2016-0182, VIGILANCE-VUL-20050.

Description of the vulnerability

The products Symantec Endpoint Protection and Norton Security analyse executable files.

To be able to intercept attempts to run a program file or load a shared library, the parser must be in the kernel. However, the kernel driver does not correctly handle some malformed files. An attacker can inject code into the kernel memory space.

An attacker can therefore generate a memory corruption in the executable file parser of Symantec Endpoint Protection and Norton Security, in order to trigger a denial of service, and possibly to run code with kernel privileges.

computer vulnerability announce CVE-2016-2207 CVE-2016-2209 CVE-2016-2210

Symantec: seven vulnerabilities of the "Decomposer" module

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec products.
Impacted products: Norton Antivirus, Norton Internet Security, Norton Security, SEP, Symantec Mail Security, Symantec Web Gateway, SWS.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 29/06/2016.
Revision date: 29/06/2016.
Identifiers: 810, 814, 816, 818, 819, 821, 823, CERTFR-2016-AVI-222, CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646, VIGILANCE-VUL-19997.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection.

An attacker can generate a buffer overflow via a substream of MS-Office file, in order to trigger a denial of service, and possibly to run code. [severity:4/4; 823, CVE-2016-2209]

An attacker can force a read at an invalid address via ALPkOldFormatDecompressor::UnShrink, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; 821, CVE-2016-3646]

An attacker can generate an integer overflow via Attachment::setDataFromAttachment, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 819, CVE-2016-3645]

An attacker can generate a buffer overflow via CMIMEParser::UpdateHeader, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 818, CVE-2016-3644]

An attacker can generate a memory corruption via a MSPACK archive, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 816, CVE-2016-2211]

An attacker can generate a buffer overflow via CSymLHA::get_header, in order to trigger a denial of service, and possibly to run code. [severity:4/4; 814, CVE-2016-2210]

An attacker can generate a memory corruption via a RAR archive, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 810, CVE-2016-2207]

computer vulnerability alert CVE-2015-8801 CVE-2016-3647 CVE-2016-3648

Symantec Endpoint Protection: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted products: SEP.
Severity: 2/4.
Consequences: privileged access/rights, client access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 12.
Creation date: 29/06/2016.
Identifiers: CVE-2015-8801, CVE-2016-3647, CVE-2016-3648, CVE-2016-3649, CVE-2016-3650, CVE-2016-3651, CVE-2016-3652, CVE-2016-3653, CVE-2016-5304, CVE-2016-5305, CVE-2016-5306, CVE-2016-5307, SYM16-011, VIGILANCE-VUL-19996.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection.

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3647]

An attacker can try many authentication attempts since accounts are never locked. [severity:1/4; CVE-2016-3648]

An attacker can get information on existing administrator accounts. [severity:1/4; CVE-2016-3649]

An attacker can get server credentials. [severity:1/4; CVE-2016-3650]

An attacker can trigger a Cross Site Scripting via a DOM interface, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-3651]

An attacker can trigger a Cross Site Scripting via a management console, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-3652]

An attacker can trigger a Cross Site Request Forgery via a management console, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3653]

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-5304]

An attacker can change a DOM interface to manipulate a link on a PHP script. [severity:1/4; CVE-2016-5305]

An attacker can bypass "Strict transport security" rules using the port 8445. [severity:1/4; CVE-2016-5306]

An attacker can traverse directories in the management console, in order to read a file outside the root path. [severity:2/4; CVE-2016-5307]

An attacker can exploit race conditions, in order to escalate his privileges. [severity:1/4; CVE-2015-8801]