Vulnerabilites related to symantec - network_access_control
CVE-2012-0289 (GCVE-0-2012-0289)
Vulnerability from cvelistv5
Published
2012-05-23 21:00
Modified
2024-08-06 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:29.799Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-10-30T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027093"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0289",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"name": "51795",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51795"
},
{
"name": "1027093",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027093"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0289",
"datePublished": "2012-05-23T21:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:29.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4349 (GCVE-0-2012-4349)
Vulnerability from cvelistv5
Published
2012-12-11 11:00
Modified
2024-08-06 20:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "1027864",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027864"
},
{
"name": "56847",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56847"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-12-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "1027864",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027864"
},
{
"name": "56847",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56847"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4349",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"name": "1027864",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027864"
},
{
"name": "56847",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56847"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4349",
"datePublished": "2012-12-11T11:00:00",
"dateReserved": "2012-08-16T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.784Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-05-23 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | 11.0.6000 | |
| symantec | endpoint_protection | 11.0.6100 | |
| symantec | endpoint_protection | 11.0.6200 | |
| symantec | endpoint_protection | 11.0.6200.754 | |
| symantec | endpoint_protection | 11.0.6300 | |
| symantec | endpoint_protection | 11.0.7000 | |
| symantec | endpoint_protection | 11.0.7100 | |
| symantec | network_access_control | 11.0.6000 | |
| symantec | network_access_control | 11.0.6100 | |
| symantec | network_access_control | 11.0.6200 | |
| symantec | network_access_control | 11.0.6300 | |
| symantec | network_access_control | 11.0.7000 | |
| symantec | network_access_control | 11.0.7100 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6000:*:*:*:*:*:*:*",
"matchCriteriaId": "FCFCFC06-BB3E-4EC0-99A6-B617988A5570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6100:*:*:*:*:*:*:*",
"matchCriteriaId": "3930F533-D9CF-41E9-A5F4-551874C780BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6200:*:*:*:*:*:*:*",
"matchCriteriaId": "009B26A2-7096-42B9-910D-3CC296FFF8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.6300:*:*:*:*:*:*:*",
"matchCriteriaId": "F364C90E-F794-4A9C-981F-87EF54A2F81A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.7000:*:*:*:*:*:*:*",
"matchCriteriaId": "639C9956-5510-48C0-97F6-236C1DEB6045",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:11.0.7100:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFBF60-F92C-45A7-A142-88C688E1F307",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.710x and Symantec Network Access Control (SNAC) 11.0.600x through 11.0.710x allows local users to gain privileges, and modify data or cause a denial of service, via a crafted script."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Symantec Endpoint Protection (SEP) v11.0.600x hasta v11.0.710x y Symantec Network Access Control (SNAC) v11.0.600x hasta v11.0.710x, permite a usuarios locales obtener privilegios, y modificar los datos o causar una denegaci\u00f3n de servicio, a trav\u00e9s de un script malicioso."
}
],
"id": "CVE-2012-0289",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-05-23T21:55:01.037",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/51795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120522_01"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-12-11 12:18
Modified
2025-04-11 00:51
Severity ?
Summary
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | network_access_control | 12.1 | |
| symantec | network_access_control | 12.1.1 | |
| symantec | network_access_control | 12.1.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:network_access_control:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "35DB9A65-2758-475D-A32A-FAE9DF54261C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C426B80C-2D8E-4E2E-B6E1-D4AC828BE13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:network_access_control:12.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2036360-9192-462F-ADAA-EC99D5507232",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Symantec Network Access Control permite a usuarios locales ganar privilegios o causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2012-4349",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-12-11T12:18:36.797",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/56847"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1027864"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56847"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027864"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121210_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}