Search Results (Refine Search)
- CPE Product Version: cpe:/a:symantec:endpoint_protection:12.0:-:small_business
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-3434 |
Buffer overflow in the sysplant driver in Symantec Endpoint Protection (SEP) Client 11.x and 12.x before 12.1 RU4 MP1b, and Small Business Edition before SEP 12.1, allows local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call. Published: August 06, 2014; 3:55:03 PM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2012-4348 |
The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors. Published: December 18, 2012; 3:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-4953 |
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file. Published: November 14, 2012; 7:30:59 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |