Unrated severityNVD Advisory· Published Apr 25, 2006· Updated Apr 16, 2026

CVE-2006-0232

Description

Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.

Affected products

Symantec/Antivirus Scan Engine
cpe:2.3:a:symantec:antivirus_scan_engine:5.0.0.24:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/vulnwatch/2006-q2/0012.htmlnvdExploitPatchVendor Advisory
secunia.com/advisories/19734nvd
securityreason.com/securityalert/758nvd
securityreason.com/securityalert/759nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/431728/100/0/threadednvd
www.securityfocus.com/archive/1/431734/100/0/threadednvd
www.securityfocus.com/bid/17637nvd
www.symantec.com/avcenter/security/Content/2006.04.21.htmlnvd
www.vupen.com/english/advisories/2006/1464nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25974nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000