VYPR

Endpoint Protection

by Symantec

CVEs (83)

  • CVE-2018-12239Nov 29, 2018
    risk 0.00cvss epss 0.01

    Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be…

  • CVE-2018-12238Nov 29, 2018
    risk 0.00cvss epss 0.00

    Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be…

  • CVE-2015-8113Nov 12, 2015
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2015-6554Nov 12, 2015
    risk 0.00cvss epss 0.03

    Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.

  • CVE-2014-9229Sep 20, 2015
    risk 0.00cvss epss 0.02

    Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.

  • CVE-2014-9228Sep 20, 2015
    risk 0.00cvss epss 0.00

    sysplant.sys in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allows local users to cause a denial of service (blocked system shutdown) by triggering an unspecified deadlock condition.

  • CVE-2014-9227Sep 20, 2015
    risk 0.00cvss epss 0.00

    Multiple untrusted search path vulnerabilities in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow local users to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2015-1492Aug 1, 2015
    risk 0.00cvss epss 0.02

    Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.

  • CVE-2013-5011Jan 10, 2014
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the…

  • CVE-2013-5010Jan 10, 2014
    risk 0.00cvss epss 0.00

    The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local…

  • CVE-2013-5009Jan 10, 2014
    risk 0.00cvss epss 0.01

    The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges…

  • CVE-2012-4348Dec 18, 2012
    risk 0.00cvss epss 0.01

    The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to…

  • CVE-2012-4953Nov 14, 2012
    risk 0.00cvss epss 0.06

    The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of…

  • CVE-2012-1821May 24, 2012
    risk 0.00cvss epss 0.03

    The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that…

  • CVE-2012-0295May 23, 2012
    risk 0.00cvss epss 0.04

    The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.

  • CVE-2012-0294May 23, 2012
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in the Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to delete files via unspecified vectors.

  • CVE-2011-0551Aug 15, 2011
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create…

  • CVE-2011-0550Aug 15, 2011
    risk 0.00cvss epss 0.01

    Multiple cross-site scripting (XSS) vulnerabilities in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allow remote attackers to inject arbitrary web script or HTML via (1) the token parameter to…

  • CVE-2010-3268Dec 22, 2010
    risk 0.00cvss epss 0.03

    The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint…

  • CVE-2010-0114Dec 22, 2010
    risk 0.00cvss epss 0.05

    fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a…

Page 4 of 5