Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

symantec gateway security 5400 2.0 vulnerabilities and exploits

(subscribe to this query)
6.8
CVSSv2
CVE-2004-0192
Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote malicious users to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.
Symantec Gateway Security 5400 2.0
5
CVSSv2
CVE-2005-0817
Unknown vulnerability in the DNSd proxy, as used in Symantec Gateway Security 5400 2.x and 5300 1.x, Enterprise Firewall 7.0.x and 8.x, and VelociRaptor 1100/1200/1300 1.5, allows remote malicious users to poison the DNS cache and redirect users to malicious sites.
Symantec Velociraptor Model 1300Symantec Enterprise Firewall 7.0Symantec Enterprise Firewall 8.0Symantec Gateway Security 5300 1.0Symantec Gateway Security 5400 2.0
7.5
CVSSv2
CVE-2004-0369
Buffer overflow in Entrust LibKmp ISAKMP library, as used by Symantec Enterprise Firewall 7.0 up to and including 8.0, Gateway Security 5300 1.0, Gateway Security 5400 2.0, and VelociRaptor 1.5, allows remote malicious users to execute arbitrary code via a crafted ISAKMP payload.
Symantec Velociraptor 1.5Symantec Enterprise Firewall 7.0.4Symantec Enterprise Firewall 7.0Entrust Entrust Libkmp Isakmp LibrarySymantec Enterprise Firewall 8.0Symantec Gateway Security 5300 1.0Symantec Gateway Security 5400 2.0
9.3
CVSSv2
CVE-2007-0447
Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote malicious users to execute arbitrary code via multiple crafted CAB archives.
Symantec Antivirus Scan Engine 4.3.12Symantec Antivirus Scan Engine 4.3Symantec Brightmail Antispam 6.0.1Symantec Brightmail Antispam 6.0.2Symantec Client Security 2.0.4Symantec Client Security 3.0.1.1001Symantec Client Security 3.0.1.1007Symantec Client Security 3.0.2.2020Symantec Client Security 3.0.2.2021Symantec Mail Security 4.0Symantec Mail Security 4.1Symantec Mail Security 4.6.3Symantec Mail Security 4.6 Build 97Symantec Norton AntivirusSymantec Norton Antivirus 10.0.0.359Symantec Norton Antivirus 10.0.2.2002Symantec Norton Antivirus 10.0.2.2010Symantec Norton Antivirus 10.1.396Symantec Norton Antivirus 10.1.4.4010Symantec Norton Antivirus 2004Symantec Norton Antivirus 2005Symantec Norton Antivirus 9.0.1.1.1000
9.3
CVSSv2
CVE-2007-3699
The Decomposer component in multiple Symantec products allows remote malicious users to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
Symantec Antivirus Scan Engine 4.0Symantec Antivirus Scan Engine 4.3.12Symantec Antivirus Scan Engine 4.3Symantec Brightmail Antispam 6.0.2Symantec Brightmail Antispam 6.0.3Symantec Client Security 2.0.4Symantec Client Security 2.0.5 Build 1100 Mp1Symantec Client Security 3.0.1.1007Symantec Client Security 3.0.1.1008Symantec Client Security 3.0.2.2021Symantec Client Security 3.1Symantec Mail Security 4.0Symantec Mail Security 4.1Symantec Mail Security 4.5.4.743Symantec Mail Security 4.6 Build 97Symantec Mail Security 5.0.0.204Symantec Norton Antivirus 10.0.0.359Symantec Norton Antivirus 10.0.0Symantec Norton Antivirus 10.0.2.2010Symantec Norton Antivirus 10.0.2.2011Symantec Norton Antivirus 10.1.4.4010Symantec Norton Antivirus 10.1.4
9.3
CVSSv2
CVE-2004-1029
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote malicious users to load unsafe classes and execute...
Hp Java Sdk-rte 1.3Sun Jdk 1.3.1 02Sun Jdk 1.3.1 03Sun Jdk 1.3.1 06Sun Jdk 1.4.0 02Sun Jdk 1.4.0 03Sun Jdk 1.4.1Sun Jdk 1.4.1 03Sun Jdk 1.4.2 03Sun Jdk 1.4Sun Jre 1.3.0Sun Jre 1.3.1Sun Jre 1.3.1 02Sun Jre 1.3.1 05Sun Jre 1.3.1 06Sun Jre 1.3.1 09Sun Jre 1.4.0 03Sun Jre 1.4.1Sun Jre 1.4.1 07Sun Jre 1.4.2Conectiva Linux 10.0Sun Jdk 1.3.1 05
7.5
CVSSv2
CVE-2005-3768
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote malicious users to cause a denial of service and possibly execute ...
Symantec Enterprise Firewall 8.0Symantec Gateway Security 5300 1.0Symantec Gateway Security 5310 1.0Symantec Firewall Vpn Appliance 100Symantec Gateway Security 5400 2.0.1Symantec Firewall Vpn Appliance 200Symantec Gateway Security 300 2.0Symantec Gateway Security 400 2.0Symantec Gateway Security 5000 Series 3.0Symantec Gateway Security 5100
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook