Search Results (575 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-2206 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.
CVE-2002-1777 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is used by Outlook to obtain the file name. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but Norton AntiVirus or the Office plug-in would detect the virus before it is executed
CVE-2005-4695 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam 6.0 build 1 and 2 allows remote attackers to cause a denial of service (bmserver component termination) via malformed MIME messages.
CVE-2002-0990 1 Symantec 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more 2026-04-16 N/A
The web proxy component in Symantec Enterprise Firewall (SEF) 6.5.2 through 7.0, Raptor Firewall 6.5 and 6.5.3, VelociRaptor, and Symantec Gateway Security allow remote attackers to cause a denial of service (connection resource exhaustion) via multiple connection requests to domains whose DNS server is unresponsive or does not exist, which generates a long timeout.
CVE-2002-0485 1 Symantec 1 Norton Antivirus 2026-04-16 7.5 High
Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients.
CVE-2002-1535 1 Symantec 2 Enterprise Firewall, Raptor Firewall 2026-04-16 N/A
Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.
CVE-2002-1540 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
CVE-1999-0842 1 Symantec 1 Mail-gear 2026-04-16 N/A
Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack.
CVE-2005-1867 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam before 6.0.2 has a hard-coded database administrator password, which allows remote attackers to gain privileges.
CVE-2005-2758 1 Symantec 2 Antivirus Scan Engine, Antivirus Scan Engine For Network Attached Storage 2026-04-16 N/A
Integer signedness error in the administrative interface for Symantec AntiVirus Scan Engine 4.0 and 4.3 allows remote attackers to execute arbitrary code via crafted HTTP headers with negative values, which lead to a heap-based buffer overflow.
CVE-2002-0309 1 Symantec 1 Enterprise Firewall 2026-04-16 N/A
SMTP proxy in Symantec Enterprise Firewall (SEF) 6.5.x includes the firewall's physical interface name and address in an SMTP protocol exchange when NAT translation is made to an address other than the firewall, which could allow remote attackers to determine certain firewall configuration information.
CVE-2002-0344 1 Symantec 1 Liveupdate 2026-04-16 N/A
Symantec LiveUpdate 1.5 and earlier in Norton Antivirus stores usernames and passwords for a local LiveUpdate server in cleartext in the registry, which may allow remote attackers to impersonate the LiveUpdate server.
CVE-2002-2336 1 Symantec 1 Norton Personal Firewall 2026-04-16 N/A
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
CVE-2004-0920 1 Symantec 1 Norton Antivirus 2026-04-16 N/A
Symantec Norton AntiVirus 2004, and earlier versions, allows a virus or other malicious code to avoid detection or cause a denial of service (application crash) using a filename containing an MS-DOS device name.
CVE-2006-4014 1 Symantec 1 Brightmail Antispam 2026-04-16 N/A
Symantec Brightmail AntiSpam (SBAS) before 6.0.4, when the Control Center is allowed to connect from any computer, allows remote attackers to cause a denial of service (application freeze) "by sending invalid posts".
CVE-2006-1836 1 Symantec 6 Liveupdate, Norton Antivirus, Norton Internet Security and 3 more 2026-04-16 N/A
Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the execution path, which allows local users to gain privileges via a Trojan horse program.
CVE-2006-4266 1 Symantec 1 Norton Personal Firewall 2026-04-16 N/A
Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local users to provide Trojan horse libraries to Norton by using RegSaveKey and RegRestoreKey to modify HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners, as demonstrated using NISProd.dll. NOTE: in most cases, this attack would not cross privilege boundaries, because modifying the SuiteOwners key requires administrative privileges. However, this issue is a vulnerability because the product's functionality is intended to protect against privileged actions such as this.
CVE-2006-1284 1 Symantec 2 Ghost Solutions Suite, Norton Ghost 2026-04-16 N/A
The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.
CVE-2006-2341 1 Symantec 2 Enterprise Firewall, Gateway Security 2026-04-16 N/A
The HTTP proxy in Symantec Gateway Security 5000 Series 2.0.1 and 3.0, and Enterprise Firewall 8.0, when NAT is being used, allows remote attackers to determine internal IP addresses by using malformed HTTP requests, as demonstrated using a get request without a space separating the URI.
CVE-2006-4314 1 Symantec 1 Enterprise Security Manager 2026-04-16 N/A
The manager server in Symantec Enterprise Security Manager (ESM) 6 and 6.5.x allows remote attackers to cause a denial of service (hang) via a malformed ESM agent request.