symantec security check vulnerabilities and exploits

(subscribe to this query)

Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote malicious users to execute arbitrary code via a long argument to CompareVersionStrings.

Symantec Security Check

1 EDB exploit

rufsi.dll in Symantec Virus Detection allows remote malicious users to cause a denial of service (crash) via a long string to the GetPrivateProfileString function. NOTE: this issue was originally reported as a buffer overflow, but that specific claim is disputed by the vendor, al...

Symantec Security Check Virus Detection

1 EDB exploit

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote malicious users to cause a denial of service and possibly execute ...

Symantec Enterprise Firewall 8.0 Symantec Gateway Security 5300 1.0 Symantec Gateway Security 5310 1.0 Symantec Firewall Vpn Appliance 100 Symantec Gateway Security 5400 2.0.1 Symantec Firewall Vpn Appliance 200 Symantec Gateway Security 300 2.0 Symantec Gateway Security 400 2.0 Symantec Gateway Security 5000 Series 3.0 Symantec Gateway Security 5100

libxslt up to and including 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

1 Github repository

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network acc...

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthent...

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network ...

1 Article

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...

5 Github repositories1 Article

Stack-based buffer overflow in manager.exe in Backburner Manager in Autodesk Backburner 2016 2016.0.0.2150 and previous versions allows remote malicious users to execute arbitrary code or cause a denial of service (daemon crash) via a crafted command. NOTE: this is only a vulnera...

Autodesk Autodesk Backburner

Vulnerability in (1) Microsoft Excel 2002 and previous versions and (2) Microsoft PowerPoint 2002 and previous versions allows malicious users to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document.

Microsoft Excel Microsoft Powerpoint

1 2 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook