Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2007-0447 |
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. Published: October 05, 2007; 5:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2007-3699 |
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. Published: October 05, 2007; 5:17:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2005-3217 |
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. Published: October 14, 2005; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2005-2758 |
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow. Published: October 05, 2005; 3:02:00 PM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2005-0249 |
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. Published: February 08, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2004-0217 |
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log. Published: April 15, 2004; 12:00:00 AM -0400 |
V3.1: 7.0 HIGH V2.0: 3.7 LOW |