Mail Security
by Symantec
CVEs (17)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2007-5909 | 0.02 | — | 0.21 | Nov 10, 2007 | Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary… | |||
| CVE-2005-0249 | 0.02 | — | 0.19 | Feb 8, 2005 | Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header. | |||
| CVE-2008-4564 | 0.01 | — | 0.07 | Mar 18, 2009 | Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute… | |||
| CVE-2007-5910 | 0.01 | — | 0.07 | Nov 10, 2007 | Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute… | |||
| CVE-2007-1252 | 0.01 | — | 0.07 | Mar 3, 2007 | Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources. | |||
| CVE-2011-0548 | 0.00 | — | 0.05 | Jul 18, 2011 | Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1,… | |||
| CVE-2010-0131 | 0.00 | — | 0.04 | Aug 17, 2010 | Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point… | |||
| CVE-2009-3032 | 0.00 | — | 0.04 | Mar 5, 2010 | Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via… | |||
| CVE-2009-3037 | 0.00 | — | 0.06 | Sep 1, 2009 | Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to… | |||
| CVE-2007-5405 | 0.00 | — | 0.06 | Apr 10, 2008 | Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with… | |||
| CVE-2007-6020 | 0.00 | — | 0.06 | Apr 10, 2008 | Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long… | |||
| CVE-2007-5406 | 0.00 | — | 0.03 | Apr 10, 2008 | kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service… | |||
| CVE-2007-3699 | 0.00 | — | 0.04 | Oct 5, 2007 | The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header. | |||
| CVE-2007-0447 | 0.00 | — | 0.06 | Oct 5, 2007 | Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives. | |||
| CVE-2007-1792 | 0.00 | — | 0.05 | Jun 27, 2007 | libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail,… | |||
| CVE-2006-5545 | 0.00 | — | 0.02 | Oct 26, 2006 | Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay. | |||
| CVE-2005-1346 | 0.00 | — | 0.01 | May 2, 2005 | Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on… |
- CVE-2007-5909Nov 10, 2007risk 0.02cvss —epss 0.21
Multiple stack-based buffer overflows in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, IBM Lotus Notes before 7.0.3, Symantec Mail Security, and other products, allow remote attackers to execute arbitrary…
- CVE-2005-0249Feb 8, 2005risk 0.02cvss —epss 0.19
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
- CVE-2008-4564Mar 18, 2009risk 0.01cvss —epss 0.07
Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remote attackers to execute…
- CVE-2007-5910Nov 10, 2007risk 0.01cvss —epss 0.07
Stack-based buffer overflow in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK before 9.2.0.12, as used by ActivePDF DocConverter, wp6sr.dll in IBM Lotus Notes 8.0 and before 7.0.3, Symantec Mail Security, and other products, allows remote attackers to execute…
- CVE-2007-1252Mar 3, 2007risk 0.01cvss —epss 0.07
Buffer overflow in Symantec Mail Security for SMTP 5.0 before Patch 175 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted headers in an e-mail message. NOTE: some information was obtained from third party sources.
- CVE-2011-0548Jul 18, 2011risk 0.00cvss —epss 0.05
Buffer overflow in the Lotus Freelance Graphics PRZ file viewer in Autonomy KeyView, as used in Symantec Mail Security (SMS) 6.x through 8.x, Symantec Brightmail and Messaging Gateway before 9.5.1, and Symantec Data Loss Prevention (DLP) before 10.5.3 and 11.x before 11.1,…
- CVE-2010-0131Aug 17, 2010risk 0.00cvss —epss 0.04
Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to floating point…
- CVE-2009-3032Mar 5, 2010risk 0.00cvss —epss 0.04
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via…
- CVE-2009-3037Sep 1, 2009risk 0.00cvss —epss 0.06
Buffer overflow in xlssr.dll in the Autonomy KeyView XLS viewer (aka File Viewer for Excel), as used in IBM Lotus Notes 5.x through 8.5.x, Symantec Mail Security, Symantec BrightMail Appliance, Symantec Data Loss Prevention (DLP), and other products, allows remote attackers to…
- CVE-2007-5405Apr 10, 2008risk 0.00cvss —epss 0.06
Multiple buffer overflows in kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a .ag file with…
- CVE-2007-6020Apr 10, 2008risk 0.00cvss —epss 0.06
Multiple stack-based buffer overflows in foliosr.dll in the Folio Flat File speed reader in Autonomy (formerly Verity) KeyView 10.3.0.0, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, allow remote attackers to execute arbitrary code via a long…
- CVE-2007-5406Apr 10, 2008risk 0.00cvss —epss 0.03
kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cause a denial of service…
- CVE-2007-3699Oct 5, 2007risk 0.00cvss —epss 0.04
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
- CVE-2007-0447Oct 5, 2007risk 0.00cvss —epss 0.06
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.
- CVE-2007-1792Jun 27, 2007risk 0.00cvss —epss 0.05
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a denial of service (crash) via a crafted executable attachment in an e-mail,…
- CVE-2006-5545Oct 26, 2006risk 0.00cvss —epss 0.02
Premium Antispam in Symantec Mail Security for Domino Server 5.1.x before 5.1.2.28 does not filter certain SMTP address formats, which allows remote attackers to use the product as a spam relay.
- CVE-2005-1346May 2, 2005risk 0.00cvss —epss 0.01
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on…