Vulnerabilites related to symantec - pcanywhere
CVE-2006-3786 (GCVE-0-2006-3786)
Vulnerability from cvelistv5
Published
2006-07-21 21:00
Modified
2024-08-07 18:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:54.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016534"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016534",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016534"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3786",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016534",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016534"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"name": "http://www.digitalbullets.org/?p=3",
"refsource": "MISC",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1261"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3786",
"datePublished": "2006-07-21T21:00:00",
"dateReserved": "2006-07-21T00:00:00",
"dateUpdated": "2024-08-07T18:39:54.086Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1028 (GCVE-0-1999-1028)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-01 16:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "288",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/288"
},
{
"name": "19990528 DoS against PC Anywhere",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=92807524225090\u0026w=2"
},
{
"name": "pcanywhere-dos(2256)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/2256.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-17T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "288",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/288"
},
{
"name": "19990528 DoS against PC Anywhere",
"tags": [
"mailing-list",
"x_refsource_NTBUGTRAQ"
],
"url": "http://marc.info/?l=ntbugtraq\u0026m=92807524225090\u0026w=2"
},
{
"name": "pcanywhere-dos(2256)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/2256.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1028",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "288",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/288"
},
{
"name": "19990528 DoS against PC Anywhere",
"refsource": "NTBUGTRAQ",
"url": "http://marc.info/?l=ntbugtraq\u0026m=92807524225090\u0026w=2"
},
{
"name": "pcanywhere-dos(2256)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/2256.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1028",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2001-08-31T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0290 (GCVE-0-2012-0290)
Vulnerability from cvelistv5
Published
2012-02-06 20:00
Modified
2024-08-06 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:29.301Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51862",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51862"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "pcanywhere-unauth-access(72996)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an \"open client session.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "51862",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51862"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "pcanywhere-unauth-access(72996)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an \"open client session.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51862",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51862"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "pcanywhere-unauth-access(72996)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0290",
"datePublished": "2012-02-06T20:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:29.301Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-1970 (GCVE-0-2005-1970)
Vulnerability from cvelistv5
Published
2005-06-14 04:00
Modified
2024-08-07 22:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.895Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/15673"
},
{
"name": "13933",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13933"
},
{
"name": "1014178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014178"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 10.5x and 11.x before 11.5, with \"Launch with Windows\" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-01-12T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15673",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/15673"
},
{
"name": "13933",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13933"
},
{
"name": "1014178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014178"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1970",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 10.5x and 11.x before 11.5, with \"Launch with Windows\" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15673",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/15673"
},
{
"name": "13933",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13933"
},
{
"name": "1014178",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014178"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1970",
"datePublished": "2005-06-14T04:00:00",
"dateReserved": "2005-06-14T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.895Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0291 (GCVE-0-2012-0291)
Vulnerability from cvelistv5
Published
2012-02-22 11:00
Modified
2024-08-06 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:30.070Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "51965",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51965"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "51965",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51965"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "51965",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51965"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0291",
"datePublished": "2012-02-22T11:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:30.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2619 (GCVE-0-2007-2619)
Vulnerability from cvelistv5
Published
2007-05-11 16:00
Modified
2024-08-07 13:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:42:33.856Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "pcanywhere-memory-information-disclosure(34203)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34203"
},
{
"name": "ADV-2007-1753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1753"
},
{
"name": "41982",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html"
},
{
"name": "1018032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018032"
},
{
"name": "23875",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "pcanywhere-memory-information-disclosure(34203)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34203"
},
{
"name": "ADV-2007-1753",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1753"
},
{
"name": "41982",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html"
},
{
"name": "1018032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018032"
},
{
"name": "23875",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23875"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "pcanywhere-memory-information-disclosure(34203)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34203"
},
{
"name": "ADV-2007-1753",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1753"
},
{
"name": "41982",
"refsource": "OSVDB",
"url": "http://osvdb.org/41982"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html"
},
{
"name": "1018032",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018032"
},
{
"name": "23875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23875"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2619",
"datePublished": "2007-05-11T16:00:00",
"dateReserved": "2007-05-11T00:00:00",
"dateUpdated": "2024-08-07T13:42:33.856Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-0538 (GCVE-0-2009-0538)
Vulnerability from cvelistv5
Published
2009-03-18 15:00
Modified
2024-08-07 04:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:40:05.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html"
},
{
"name": "33845",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33845"
},
{
"name": "34305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34305"
},
{
"name": "1021855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021855"
},
{
"name": "symantec-pcanywhere-unspecified-dos(49291)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49291"
},
{
"name": "52797",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/52797"
},
{
"name": "ADV-2009-0755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0755"
},
{
"name": "20090318 Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/501930/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layereddefense.com/pcanywhere17mar.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html"
},
{
"name": "33845",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33845"
},
{
"name": "34305",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34305"
},
{
"name": "1021855",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021855"
},
{
"name": "symantec-pcanywhere-unspecified-dos(49291)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49291"
},
{
"name": "52797",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/52797"
},
{
"name": "ADV-2009-0755",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0755"
},
{
"name": "20090318 Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/501930/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layereddefense.com/pcanywhere17mar.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html"
},
{
"name": "33845",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33845"
},
{
"name": "34305",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34305"
},
{
"name": "1021855",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021855"
},
{
"name": "symantec-pcanywhere-unspecified-dos(49291)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49291"
},
{
"name": "52797",
"refsource": "OSVDB",
"url": "http://osvdb.org/52797"
},
{
"name": "ADV-2009-0755",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0755"
},
{
"name": "20090318 Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/501930/100/0/threaded"
},
{
"name": "http://www.layereddefense.com/pcanywhere17mar.html",
"refsource": "MISC",
"url": "http://www.layereddefense.com/pcanywhere17mar.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0538",
"datePublished": "2009-03-18T15:00:00",
"dateReserved": "2009-02-12T00:00:00",
"dateUpdated": "2024-08-07T04:40:05.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3785 (GCVE-0-2006-3785)
Vulnerability from cvelistv5
Published
2006-07-21 21:00
Modified
2024-08-07 18:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:54.156Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3785",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"name": "http://www.digitalbullets.org/?p=3",
"refsource": "MISC",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1261"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3785",
"datePublished": "2006-07-21T21:00:00",
"dateReserved": "2006-07-21T00:00:00",
"dateUpdated": "2024-08-07T18:39:54.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0324 (GCVE-0-2000-0324)
Vulnerability from cvelistv5
Published
2002-03-09 05:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.195Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1150",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1150"
},
{
"name": "20010212 Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html"
},
{
"name": "1301",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/1301"
},
{
"name": "20010211 Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html"
},
{
"name": "pcanywhere-tcpsyn-dos(4347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/4347.php"
},
{
"name": "20000425 Denial of Service Against pcAnywhere.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2002-02-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1150",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1150"
},
{
"name": "20010212 Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html"
},
{
"name": "1301",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/1301"
},
{
"name": "20010211 Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html"
},
{
"name": "pcanywhere-tcpsyn-dos(4347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/4347.php"
},
{
"name": "20000425 Denial of Service Against pcAnywhere.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1150",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1150"
},
{
"name": "20010212 Re: Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html"
},
{
"name": "1301",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/1301"
},
{
"name": "20010211 Symantec pcAnywhere 9.0 DoS / Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html"
},
{
"name": "pcanywhere-tcpsyn-dos(4347)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/4347.php"
},
{
"name": "20000425 Denial of Service Against pcAnywhere.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000425150157.13567A-100000@sword.damocles.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0324",
"datePublished": "2002-03-09T05:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.195Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3784 (GCVE-0-2006-3784)
Vulnerability from cvelistv5
Published
2006-07-21 21:00
Modified
2024-08-07 18:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:39:54.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21113"
},
{
"name": "ADV-2006-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2874"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 uses weak default permissions for the \"Symantec\\pcAnywhere\\Hosts\" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21113",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21113"
},
{
"name": "ADV-2006-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2874"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1261"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3784",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 12.5 uses weak default permissions for the \"Symantec\\pcAnywhere\\Hosts\" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21113"
},
{
"name": "ADV-2006-2874",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2874"
},
{
"name": "20060718 PcAnywhere \u003e 12 Local Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"name": "http://www.digitalbullets.org/?p=3",
"refsource": "MISC",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"name": "1261",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1261"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3784",
"datePublished": "2006-07-21T21:00:00",
"dateReserved": "2006-07-21T00:00:00",
"dateUpdated": "2024-08-07T18:39:54.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3478 (GCVE-0-2011-3478)
Vulnerability from cvelistv5
Published
2012-01-25 15:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:47.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "78532",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/show/osvdb/78532"
},
{
"name": "38599",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/38599/"
},
{
"name": "51592",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51592"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "78532",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/show/osvdb/78532"
},
{
"name": "38599",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/38599/"
},
{
"name": "51592",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51592"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "78532",
"refsource": "OSVDB",
"url": "http://osvdb.org/show/osvdb/78532"
},
{
"name": "38599",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/38599/"
},
{
"name": "51592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51592"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/",
"refsource": "CONFIRM",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3478",
"datePublished": "2012-01-25T15:00:00",
"dateReserved": "2011-09-14T00:00:00",
"dateUpdated": "2024-08-06T23:37:47.739Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0936 (GCVE-0-2003-0936)
Vulnerability from cvelistv5
Published
2003-11-18 05:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:34.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html"
},
{
"name": "20031113 RE: Secure Network Operations SRT2003-11-13-0218, PCAnywhere allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106876107330752\u0026w=2"
},
{
"name": "20031113 SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106875764826251\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html"
},
{
"name": "20031113 RE: Secure Network Operations SRT2003-11-13-0218, PCAnywhere allows local users to become SYSTEM",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106876107330752\u0026w=2"
},
{
"name": "20031113 SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=106875764826251\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html"
},
{
"name": "20031113 RE: Secure Network Operations SRT2003-11-13-0218, PCAnywhere allows local users to become SYSTEM",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106876107330752\u0026w=2"
},
{
"name": "20031113 SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=106875764826251\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0936",
"datePublished": "2003-11-18T05:00:00",
"dateReserved": "2003-11-10T00:00:00",
"dateUpdated": "2024-08-08T02:12:34.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4855 (GCVE-0-2006-4855)
Vulnerability from cvelistv5
Published
2006-09-19 18:00
Modified
2024-08-07 19:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:23:41.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016896"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-09-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016892",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016896"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016892",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016892"
},
{
"name": "21938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21938"
},
{
"name": "1016893",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016893"
},
{
"name": "1016895",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016895"
},
{
"name": "1016889",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016889"
},
{
"name": "20060915 Symantec Norton Insufficient validation of \u0027SymEvent\u0027 driver input buffer",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"name": "1016897",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016897"
},
{
"name": "1591",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/1591"
},
{
"name": "1016896",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016896"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"name": "20051",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20051"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"name": "ADV-2006-3636",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"name": "symantec-firewall-symevent-dos(28960)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"name": "1016894",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016894"
},
{
"name": "1016898",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4855",
"datePublished": "2006-09-19T18:00:00",
"dateReserved": "2006-09-19T00:00:00",
"dateUpdated": "2024-08-07T19:23:41.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0292 (GCVE-0-2012-0292)
Vulnerability from cvelistv5
Published
2012-03-08 02:00
Modified
2024-08-06 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:23:29.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "52094",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52094"
},
{
"name": "18493",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/18493/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48092"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "52094",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52094"
},
{
"name": "18493",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/18493/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48092"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-0292",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "52094",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52094"
},
{
"name": "18493",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/18493/"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-0292",
"datePublished": "2012-03-08T02:00:00",
"dateReserved": "2012-01-04T00:00:00",
"dateUpdated": "2024-08-06T18:23:29.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0300 (GCVE-0-2000-0300)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1093",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1093"
},
{
"name": "20000405 PcAnywhere weak password encryption",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000406030958.23902.qmail%40securityfocus.com"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1093",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1093"
},
{
"name": "20000405 PcAnywhere weak password encryption",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000406030958.23902.qmail%40securityfocus.com"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1093",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1093"
},
{
"name": "20000405 PcAnywhere weak password encryption",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000406030958.23902.qmail@securityfocus.com"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0300",
"datePublished": "2000-04-26T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-3934 (GCVE-0-2005-3934)
Vulnerability from cvelistv5
Published
2005-12-01 11:00
Modified
2024-08-07 23:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:48.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"name": "15646",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15646"
},
{
"name": "1015284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015284"
},
{
"name": "ADV-2005-2658",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"name": "symantec-pcanywhere-bo(23298)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17797",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"name": "15646",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15646"
},
{
"name": "1015284",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015284"
},
{
"name": "ADV-2005-2658",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"name": "symantec-pcanywhere-bo(23298)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17797",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17797"
},
{
"name": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"name": "15646",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15646"
},
{
"name": "1015284",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015284"
},
{
"name": "ADV-2005-2658",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"name": "symantec-pcanywhere-bo(23298)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3934",
"datePublished": "2005-12-01T11:00:00",
"dateReserved": "2005-12-01T00:00:00",
"dateUpdated": "2024-08-07T23:31:48.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3479 (GCVE-0-2011-3479)
Vulnerability from cvelistv5
Published
2012-01-25 15:00
Modified
2024-08-06 23:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:37:47.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48092"
},
{
"name": "51593",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/51593"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-05T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "48092",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48092"
},
{
"name": "51593",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/51593"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3479",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"name": "48092",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48092"
},
{
"name": "51593",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51593"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3479",
"datePublished": "2012-01-25T15:00:00",
"dateReserved": "2011-09-14T00:00:00",
"dateUpdated": "2024-08-06T23:37:47.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0273 (GCVE-0-2000-0273)
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.547Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000409 A funny way to DOS pcANYWHERE8.0 and 9.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html"
},
{
"name": "1095",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1095"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000409 A funny way to DOS pcANYWHERE8.0 and 9.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html"
},
{
"name": "1095",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1095"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000409 A funny way to DOS pcANYWHERE8.0 and 9.0",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html"
},
{
"name": "1095",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1095"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0273",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2000-04-25 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html | ||
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html | ||
| cve@mitre.org | http://www.iss.net/security_center/static/4347.php | ||
| cve@mitre.org | http://www.osvdb.org/1301 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/1150 | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/4347.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.osvdb.org/1301 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1150 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 8.0.1 | |
| symantec | pcanywhere | 8.0.2 | |
| symantec | pcanywhere | 9.0 | |
| symantec | pcanywhere | 9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B543CCFB-954B-4CCF-8BB7-E64DAFA0C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "09E5DA00-5FDC-42DE-955B-E977E62A2B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C7336-52DC-4E0D-9F6F-9B401B0A93EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDF9CE6-93A7-49EC-B6B5-428C7517E902",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap."
}
],
"id": "CVE-2000-0324",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-25T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/4347.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/1301"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1150"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0201.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0258.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/4347.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/1301"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=Pine.LNX.3.96.1000425150157.13567A-100000%40sword.damocles.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-09-19 18:07
Modified
2025-04-03 01:03
Severity ?
Summary
The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/21938 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/1591 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html | ||
| cve@mitre.org | http://securitytracker.com/id?1016889 | ||
| cve@mitre.org | http://securitytracker.com/id?1016892 | ||
| cve@mitre.org | http://securitytracker.com/id?1016893 | ||
| cve@mitre.org | http://securitytracker.com/id?1016894 | ||
| cve@mitre.org | http://securitytracker.com/id?1016895 | ||
| cve@mitre.org | http://securitytracker.com/id?1016896 | ||
| cve@mitre.org | http://securitytracker.com/id?1016897 | ||
| cve@mitre.org | http://securitytracker.com/id?1016898 | ||
| cve@mitre.org | http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/446111/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/20051 | Exploit | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/3636 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/28960 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21938 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/1591 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016889 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016892 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016893 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016894 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016895 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016896 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016897 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016898 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/446111/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/20051 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/3636 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/28960 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | client_security | 1.0 | |
| symantec | client_security | 1.0.0_b8.01.9378 | |
| symantec | client_security | 1.0.1 | |
| symantec | client_security | 1.0.1_build_8.01.425a | |
| symantec | client_security | 1.0.1_build_8.01.429c | |
| symantec | client_security | 1.0.1_build_8.01.434 | |
| symantec | client_security | 1.0.1_build_8.01.437 | |
| symantec | client_security | 1.0.1_build_8.01.446 | |
| symantec | client_security | 1.0.1_build_8.01.457 | |
| symantec | client_security | 1.0.1_build_8.01.460 | |
| symantec | client_security | 1.0.1_build_8.01.464 | |
| symantec | client_security | 1.0.1_build_8.01.471 | |
| symantec | client_security | 1.0.1_build_8.01.501 | |
| symantec | client_security | 1.0_build_8.01.9374 | |
| symantec | client_security | 1.1 | |
| symantec | client_security | 1.1.1 | |
| symantec | client_security | 1.1.1_build_393 | |
| symantec | client_security | 1.1.1_mr1_build_8.1.1.314a | |
| symantec | client_security | 1.1.1_mr2_build_8.1.1.319 | |
| symantec | client_security | 1.1.1_mr3_build_8.1.1.323 | |
| symantec | client_security | 1.1.1_mr4_build_8.1.1.329 | |
| symantec | client_security | 1.1.1_mr5_build_8.1.1.336 | |
| symantec | client_security | 1.1.1_mr6_b8.1.1.266 | |
| symantec | client_security | 1.1_stm_b8.1.0.825a | |
| symantec | client_security | 2.0 | |
| symantec | client_security | 2.0.1_build_9.0.1.1000 | |
| symantec | client_security | 2.0.2_build_9.0.2.1000 | |
| symantec | client_security | 2.0.3_build_9.0.3.1000 | |
| symantec | client_security | 2.0.5_build_1100 | |
| symantec | client_security | 2.0_scf_7.1 | |
| symantec | client_security | 2.0_stm_build_9.0.0.338 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.1 | |
| symantec | host_ids | * | |
| symantec | norton_antivirus | 2.1 | |
| symantec | norton_antivirus | 8.0 | |
| symantec | norton_antivirus | 8.0.1 | |
| symantec | norton_antivirus | 8.0.1.425a | |
| symantec | norton_antivirus | 8.0.1.425c | |
| symantec | norton_antivirus | 8.0.1.501 | |
| symantec | norton_antivirus | 8.0.1.9374 | |
| symantec | norton_antivirus | 8.0.1.9378 | |
| symantec | norton_antivirus | 8.1 | |
| symantec | norton_antivirus | 8.1.0.825a | |
| symantec | norton_antivirus | 8.1.1 | |
| symantec | norton_antivirus | 8.1.1.319 | |
| symantec | norton_antivirus | 8.1.1.323 | |
| symantec | norton_antivirus | 8.1.1.329 | |
| symantec | norton_antivirus | 8.1.1.366 | |
| symantec | norton_antivirus | 8.1.1.377 | |
| symantec | norton_antivirus | 8.1.1_build8.1.1.314a | |
| symantec | norton_antivirus | 8.1.1_build393 | |
| symantec | norton_antivirus | 8.01.434 | |
| symantec | norton_antivirus | 8.01.437 | |
| symantec | norton_antivirus | 8.01.446 | |
| symantec | norton_antivirus | 8.01.457 | |
| symantec | norton_antivirus | 8.01.460 | |
| symantec | norton_antivirus | 8.01.464 | |
| symantec | norton_antivirus | 8.01.471 | |
| symantec | norton_antivirus | 9.0 | |
| symantec | norton_antivirus | 9.0.0.338 | |
| symantec | norton_antivirus | 9.0.1.1.1000 | |
| symantec | norton_antivirus | 9.0.2.1000 | |
| symantec | norton_antivirus | 9.0.3.1000 | |
| symantec | norton_antivirus | 9.0.4 | |
| symantec | norton_antivirus | 9.0.5 | |
| symantec | norton_antivirus | 9.0.5.1100 | |
| symantec | norton_antivirus | 10.0 | |
| symantec | norton_antivirus | 10.0.2.2000 | |
| symantec | norton_antivirus | 10.0.2.2001 | |
| symantec | norton_antivirus | 10.0.2.2002 | |
| symantec | norton_antivirus | 10.0.2.2010 | |
| symantec | norton_antivirus | 10.0.2.2011 | |
| symantec | norton_antivirus | 10.0.2.2020 | |
| symantec | norton_antivirus | 10.0.2.2021 | |
| symantec | norton_antivirus | 10.1 | |
| symantec | norton_antivirus | 2003 | |
| symantec | norton_antivirus | 2003 | |
| symantec | norton_antivirus | 2004 | |
| symantec | norton_antivirus | 2005 | |
| symantec | norton_antivirus | 2006 | |
| symantec | norton_antivirus | 2007 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2003 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2007 | |
| symantec | norton_personal_firewall | 2003 | |
| symantec | norton_personal_firewall | 2004 | |
| symantec | norton_personal_firewall | 2005 | |
| symantec | norton_personal_firewall | 2006 | |
| symantec | norton_system_works | 2003_professional_edition | |
| symantec | norton_system_works | 2004 | |
| symantec | norton_system_works | 2004_professional_edition | |
| symantec | norton_system_works | 2005 | |
| symantec | norton_system_works | 2005_premier | |
| symantec | norton_system_works | 2006 | |
| symantec | pcanywhere | 11.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C1DFD4CB-40A1-4D70-97AC-0941826F28CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.0_b8.01.9378:*:*:*:*:*:*:*",
"matchCriteriaId": "9A56518F-41E9-455D-9AC1-98FFDCE295C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C856CC4-0AAE-4539-A57B-0160AA5751F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.425a:mr1:*:*:*:*:*:*",
"matchCriteriaId": "9EE482AD-A0F8-4634-A3FE-08F112647648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.429c:mr2:*:*:*:*:*:*",
"matchCriteriaId": "B3FC66EB-2267-4B42-BD99-C4344DAE1C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*",
"matchCriteriaId": "BE15AE1D-8647-444F-90F0-FC658A3AC344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*",
"matchCriteriaId": "0C03FA86-F2E6-4E41-8368-E917C91D7837",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*",
"matchCriteriaId": "95BF74F0-40F1-4395-AC85-E6B566950C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*",
"matchCriteriaId": "994CB184-AFE8-4673-ACE8-085813F1E71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*",
"matchCriteriaId": "85CF6FFB-4189-4558-A70D-DE6D4C0C1F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*",
"matchCriteriaId": "31D6A148-A92C-4FCA-8762-16764D62C363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*",
"matchCriteriaId": "3E6E2EA2-88DA-4DF0-9AA3-3E3D2C80C04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.501:mr9:*:*:*:*:*:*",
"matchCriteriaId": "AC1B69D3-8A9C-481E-8891-1ACD8479CBFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.0_build_8.01.9374:*:*:*:*:*:*:*",
"matchCriteriaId": "70D72649-92F9-4820-B5A5-A14B52714809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483F6DD-EDC0-497E-A5A9-B186E02CCCEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA2590E-DFB0-4B72-99BC-B49AD97A4969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_build_393:*:*:*:*:*:*:*",
"matchCriteriaId": "766C850E-817E-41AB-B0FF-413513548BC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*",
"matchCriteriaId": "FB47C16B-5221-4D64-BDB2-65D072A66C02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*",
"matchCriteriaId": "204F2046-F116-45D7-9256-179A3B59886A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*",
"matchCriteriaId": "CD0C67C0-3CF1-4BAD-A673-9B783E1D0724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*",
"matchCriteriaId": "274EA5DA-9519-46DE-B11E-87BDF1978E14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*",
"matchCriteriaId": "044C020A-0BCC-4037-BC32-73385A0BE019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1.1_mr6_b8.1.1.266:*:*:*:*:*:*:*",
"matchCriteriaId": "9A0176BE-3D55-422B-9FDD-961A00CFAC19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:1.1_stm_b8.1.0.825a:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3D7305-B8D0-4165-9F0F-50A49142EF2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*",
"matchCriteriaId": "D934F853-C7E0-421E-9AF3-B7B49228722F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*",
"matchCriteriaId": "D608AACF-A4BC-49CE-BE49-E8F3AEF31DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*",
"matchCriteriaId": "3238894A-3C25-4CC8-A319-8AA7246FEC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0.5_build_1100:*:*:*:*:*:*:*",
"matchCriteriaId": "69E9F1EE-CB23-42DE-8787-7F477D16329F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_scf_7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C2D813-C219-4FF3-9C3B-DBB855480492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0_stm_build_9.0.0.338:*:*:*:*:*:*:*",
"matchCriteriaId": "A5A00A25-A52F-4E9D-AAD0-194171C772FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:host_ids:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F05B889-88D3-41AF-A79D-3E2F689BA1AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2.1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "A9415109-C554-40F6-851E-CC016951BDF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "595CDCD1-4E0B-49E4-B726-82FAA99EF70A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DBBAD310-3E2E-4E83-A605-47540668827F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.425a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "F4341136-7821-4638-9F36-93361327250E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.425c:*:corporate:*:*:*:*:*",
"matchCriteriaId": "497BC653-98D7-41C5-94BB-2634B9C5BF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.501:*:corporate:*:*:*:*:*",
"matchCriteriaId": "094EED2C-F8FA-418B-B110-E44D90B9BA33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.9374:*:corporate:*:*:*:*:*",
"matchCriteriaId": "15AEADC9-00B9-43BA-AABB-ADB7627CF0F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.0.1.9378:*:corporate:*:*:*:*:*",
"matchCriteriaId": "39D769B1-B1D6-4F5C-9C66-00055D4A6618",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3AA02AEB-362B-4A09-92E3-D6D8BB4B6CB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.0.825a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3A82AC27-8BE6-47F7-A6EC-F4C21373AA58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ECAA6170-5520-4AA9-8358-5F91FD10420E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E626F14C-FDE9-4C6A-8CE7-B99CD4FEE485",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EC4CFE5A-4D51-405D-B92E-37DE4E617ABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*",
"matchCriteriaId": "727A116A-D18C-4F3F-A6A8-2C6107FFB8C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.366:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EAE76215-2A7E-4D71-8757-AE10E4A9AE0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1.377:*:corporate:*:*:*:*:*",
"matchCriteriaId": "AF45DF9D-D7BE-41AD-A838-0AF9A264EBFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4A6612F1-4CA8-427A-AED4-854F943BA3D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.1.1_build393:*:corporate:*:*:*:*:*",
"matchCriteriaId": "902A4011-83C5-4A3B-B443-C51EA855E8E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*",
"matchCriteriaId": "8BB225A0-7FB9-4AD2-8ED2-5CC1AEBAAB3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9603C423-F24A-4607-B721-D02EDA94AE8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*",
"matchCriteriaId": "574AAAA6-8181-457B-84CE-5AEB1895E3B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF957AD3-B6E5-4BD7-832F-33E734817B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*",
"matchCriteriaId": "14D862F4-BE5F-4E6B-9955-ACFB48A5D3B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*",
"matchCriteriaId": "768B7F5E-E4AD-420E-92FA-A58E1AE3D1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C15B7FEA-E6A9-4DBE-B1A9-E17E91512A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9E85FD6-9E89-4497-854C-60A20639CE52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*:*:*:*:*",
"matchCriteriaId": "91F70069-D0F2-41D8-862F-2162CE12D49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EDF0DA40-1AC4-4610-AEAC-F431E23BAEAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5696AC09-E8BB-4060-9A81-EA2B190B850A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C18E6605-5F86-4957-AE16-80F59F40110E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "56D54011-9B09-4C63-8301-609C03E51099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9EF7F7F6-FC6B-4258-AE1D-3E4C19B365B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A10DA055-1F24-4AFD-A688-58D1DB4FB64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "CAC5389A-8B18-40C4-A3E0-E50B6AA724FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate:*:*:*:*:*",
"matchCriteriaId": "88090CD5-A324-4A41-A55E-9381FBC14B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate:*:*:*:*:*",
"matchCriteriaId": "78E79E4D-E93B-4C6C-92EE-1E33EE1AEB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate:*:*:*:*:*",
"matchCriteriaId": "F6E6EC72-9B83-4685-B48E-25E4211EC280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "275187A5-FB3A-41C2-A6F4-F2DC9D88D0DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A7F0C0E9-9665-452E-A382-04656F2009AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6A220194-CCB1-41F6-9CB0-A79C2E5E36FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4D3CBEF5-25C6-41E8-97A3-2AA43134E619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "81AE594C-41ED-4FE8-839D-B604AE8DC901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "34B1D862-2CB4-4D50-9BBA-0507FEAA1924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2003:*:professional:*:*:*:*:*",
"matchCriteriaId": "7D43A376-4282-4A66-860D-50483438EC80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "C2E302A4-72F8-478B-9FA2-2536902986B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF97C5F-3A80-4973-85FD-5BCE43B32AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2003:*:professional:*:*:*:*:*",
"matchCriteriaId": "EF583EBF-0FDC-45FD-ADAE-C38D9DB34ED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*",
"matchCriteriaId": "09CA1AC8-E273-44C1-9D1C-19542EB57433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "74E5CAF7-C305-4FAF-8DA7-627D83F65185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2003_professional_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "79F3EAD1-C4DA-48E8-A582-A14F4401AD15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004_professional_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "C37BF3DA-FD23-49A1-B97D-FD3B5896574D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005_premier:*:*:*:*:*:*:*",
"matchCriteriaId": "B5E481D2-87F3-4912-BB87-5168C6A1BE23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The \\Device\\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, and 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0, and 10.1, Symantec pcAnywhere 11.5 only, and Symantec Host, allows local users to cause a denial of service (system crash) via invalid data, as demonstrated by calling DeviceIoControl to send the data."
},
{
"lang": "es",
"value": "El driver \\Device\\SymEvent en Symantec Norton Personal Firewall 2006 9.1.0.33, y otras versiones del Norton Personal Firewall, Internet Security, AntiVirus, SystemWorks, Symantec Client Security SCS 1.x, 2.x, 3.0, y 3.1, Symantec AntiVirus Corporate Edition SAVCE 8.x, 9.x, 10.0 y 10.1, Symantec pcAnywhere 11.5 y Symantec Host, permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) v\u00eda una informaci\u00f3n inv\u00e1lida, como ha sido demostrado llamando a DeviceIoControl para enviar la informaci\u00f3n."
}
],
"id": "CVE-2006-4855",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-09-19T18:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21938"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1591"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016889"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016892"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016893"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016894"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016895"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016896"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016897"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016898"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21938"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2006.09.20a.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016895"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Insufficient-validation-of-SymEvent-driver-input-buffer.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/446111/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/20051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28960"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-24 12:19
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityreason.com/securityalert/1261 | ||
| cve@mitre.org | http://www.digitalbullets.org/?p=3 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/440448/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/1261 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.digitalbullets.org/?p=3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/440448/100/0/threaded |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain the passwords from the window using tools such as Nirsoft Asterwin."
},
{
"lang": "es",
"value": "Symantec pcAnywhere 12.5 ofusca la contrase\u00f1a en un cuadro de texto del GUI con asteriscos, pero no la encripta en el fichero .cif asociado (tambi\u00e9n conocido como caller o CallerID), lo que permite a usuarios locales obtener la contrase\u00f1a de la ventana utilizando herramientas como el Nirsoft Asterwin."
}
],
"id": "CVE-2006-3785",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-24T12:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "cve@mitre.org",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-01 06:03
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/17797 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1015284 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/15646 | Vendor Advisory | |
| cve@mitre.org | http://www.symantec.com/avcenter/security/Content/2005.11.29.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2005/2658 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/23298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/17797 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1015284 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/15646 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/avcenter/security/Content/2005.11.29.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2005/2658 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/23298 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 8.0.1 | |
| symantec | pcanywhere | 8.0.2 | |
| symantec | pcanywhere | 9.0 | |
| symantec | pcanywhere | 9.0.1 | |
| symantec | pcanywhere | 9.2 | |
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 | |
| symantec | pcanywhere | 11.0.1 | |
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B543CCFB-954B-4CCF-8BB7-E64DAFA0C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "09E5DA00-5FDC-42DE-955B-E977E62A2B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C7336-52DC-4E0D-9F6F-9B401B0A93EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F96BE1D8-29D3-41F1-9CE9-66D5D8013C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDF9CE6-93A7-49EC-B6B5-428C7517E902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BF0A19-0AAD-44B2-9B51-85A985CC40A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of service (application crash) via unknown attack vectors."
}
],
"id": "CVE-2005-3934",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-01T06:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17797"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015284"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/15646"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/15646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.symantec.com/avcenter/security/Content/2005.11.29.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23298"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-15 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=bugtraq&m=106875764826251&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=106876107330752&w=2 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=106875764826251&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=106876107330752&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe."
},
{
"lang": "es",
"value": "Symantec PCAnywhere 10.x y 11, cuando se arranca como un servicio, permite a atacantes remotos ganar privielgios de Sistema mediante el interfaz de ayuda usando AWHOST32.exe."
}
],
"id": "CVE-2003-0936",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-15T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106875764826251\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=106876107330752\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106875764826251\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=106876107330752\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-24 12:19
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/21113 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/1261 | ||
| cve@mitre.org | http://www.digitalbullets.org/?p=3 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/440448/100/0/threaded | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2006/2874 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/21113 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/1261 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.digitalbullets.org/?p=3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/440448/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2006/2874 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 uses weak default permissions for the \"Symantec\\pcAnywhere\\Hosts\" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a local administrator."
},
{
"lang": "es",
"value": "Symantec pcAnywhere 12.5 utiliza unos permisos por defecto d\u00e9biles para la carpeta \"Symantec\\pcAnywhere\\Hosts\", lo cual permite a un usuario local ganar privilegios a trav\u00e9s de la insercci\u00f3n de un superusuario archivo .cif (tambi\u00e9n conocido como llamador o CallerID) dentro de la carpeta, y por lo tanto utilizando un cliente pcAnywhere entrar como administrador local."
}
],
"id": "CVE-2006-3784",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-24T12:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21113"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "cve@mitre.org",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21113"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2874"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-24 12:19
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityreason.com/securityalert/1261 | ||
| cve@mitre.org | http://securitytracker.com/id?1016534 | ||
| cve@mitre.org | http://www.digitalbullets.org/?p=3 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/440448/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/1261 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1016534 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.digitalbullets.org/?p=3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/440448/100/0/threaded |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 12.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag."
},
{
"lang": "es",
"value": "Symantec pcAnywhere 12.5 utiliza protecci\u00f3n de integridad d\u00e9bil para los ficheros .cif (tambi\u00e9n conocido como caller o CallerID), lo cual permite a usuarios locales generar un fichero .cif personalizado y modificar la bandera de super-usuario."
}
],
"id": "CVE-2006-3786",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-24T12:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016534"
},
{
"source": "cve@mitre.org",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/1261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.digitalbullets.org/?p=3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/440448/100/0/threaded"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-05-28 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://marc.info/?l=ntbugtraq&m=92807524225090&w=2 | ||
| cve@mitre.org | http://www.iss.net/security_center/static/2256.php | ||
| cve@mitre.org | http://www.securityfocus.com/bid/288 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=ntbugtraq&m=92807524225090&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/2256.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/288 | Exploit, Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "447EE4D0-ED48-490E-BC1C-831A165CFF29",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631."
}
],
"id": "CVE-1999-1028",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-05-28T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=ntbugtraq\u0026m=92807524225090\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/2256.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/288"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=ntbugtraq\u0026m=92807524225090\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/2256.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/288"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-16 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/15673 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1014178 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/13933 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/15673 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1014178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/13933 | Patch |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 8.0.1 | |
| symantec | pcanywhere | 8.0.2 | |
| symantec | pcanywhere | 9.0 | |
| symantec | pcanywhere | 9.0.1 | |
| symantec | pcanywhere | 9.2 | |
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B543CCFB-954B-4CCF-8BB7-E64DAFA0C1F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "09E5DA00-5FDC-42DE-955B-E977E62A2B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C7336-52DC-4E0D-9F6F-9B401B0A93EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F96BE1D8-29D3-41F1-9CE9-66D5D8013C7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDF9CE6-93A7-49EC-B6B5-428C7517E902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 10.5x and 11.x before 11.5, with \"Launch with Windows\" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature."
}
],
"id": "CVE-2005-1970",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-06-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/15673"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014178"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/13933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/15673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/13933"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-25 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/48092 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/51593 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51593 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.539 | |
| symantec | pcanywhere | 12.6.65 | |
| symantec | pcanywhere | 12.6.65 | |
| symantec | pcanywhere | 12.6.7580 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F1C797C5-7F76-4ECE-859C-B928F380A08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.65:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D0B814-A9C3-4D47-B1C5-59DE0CFEDCF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.65:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D2415480-FC3C-45BF-B93C-F76F0C011F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.7580:*:*:*:*:*:*:*",
"matchCriteriaId": "92218E59-B767-498A-8F09-20202AE643E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file."
},
{
"lang": "es",
"value": "Symantec pcAnywhere v12.5.x a trav\u00e9s de c12.5.3, y IT Management Suite pcAnywhere soluci\u00f3n c7.0 (aka 12.5.x) y c7.1 (tambi\u00e9n conocido como 12.6.x), utiliza el mundo pueda escribir permisos para los archivos de instalaci\u00f3n del producto, que permite a usuarios locales conseguir privilegios mediante la modificaci\u00f3n de un archivo."
}
],
"id": "CVE-2011-3479",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-25T15:55:01.050",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/51593"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-25 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/show/osvdb/78532 | ||
| cve@mitre.org | http://secunia.com/advisories/48092 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/51592 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-12-018/ | ||
| cve@mitre.org | https://www.exploit-db.com/exploits/38599/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/show/osvdb/78532 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51592 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-12-018/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/38599/ |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.539 | |
| symantec | pcanywhere | 12.6.65 | |
| symantec | pcanywhere | 12.6.65 | |
| symantec | pcanywhere | 12.6.7580 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F1C797C5-7F76-4ECE-859C-B928F380A08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.65:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D0B814-A9C3-4D47-B1C5-59DE0CFEDCF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.65:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D2415480-FC3C-45BF-B93C-F76F0C011F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.7580:*:*:*:*:*:*:*",
"matchCriteriaId": "92218E59-B767-498A-8F09-20202AE643E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631."
},
{
"lang": "es",
"value": "El componente de host de servicios de Symantec pcAnywhere v12.5.x a trav\u00e9s de v12.5.3, y IT Management Suite pcAnywhere Solution v7.0 (aka 12.5.x) y v7.1 (tambi\u00e9n conocido como 12.6.x), de inicio de sesi\u00f3n de filtro y los datos de autenticaci\u00f3n, es que permite control remoto atacantes para ejecutar c\u00f3digo arbitrario a trav\u00e9s de una sesi\u00f3n a mano en el puerto TCP 5631."
}
],
"id": "CVE-2011-3478",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-01-25T15:55:01.003",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/show/osvdb/78532"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/51592"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
},
{
"source": "cve@mitre.org",
"url": "https://www.exploit-db.com/exploits/38599/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/show/osvdb/78532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/38599/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-11 16:19
Modified
2025-04-09 00:30
Severity ?
Summary
Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/41982 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html | Patch | |
| cve@mitre.org | http://securitytracker.com/id?1018032 | Patch | |
| cve@mitre.org | http://www.securityfocus.com/bid/23875 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/1753 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/34203 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/41982 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1018032 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/23875 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1753 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/34203 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 | |
| symantec | pcanywhere | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B13E1710-1723-4A52-ACDC-7FC511467152",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785."
},
{
"lang": "es",
"value": "Symantec pcAnywhere 11.5.x y 12.0.x retiene credenciales de autenticaci\u00f3n no cifradas para la \u00faltima autenticaci\u00f3n en la memoria del proceso, lo cual permite a administradores locales obtener las credenciales al leer la memoria del proceso, vulnerabilidad diferente de CVE-2006-3785."
}
],
"id": "CVE-2007-2619",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-11T16:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41982"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018032"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23875"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1753"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.05.09b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1018032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34203"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-03-18 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/52797 | ||
| cve@mitre.org | http://secunia.com/advisories/34305 | ||
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html | Patch, Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1021855 | ||
| cve@mitre.org | http://www.layereddefense.com/pcanywhere17mar.html | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/501930/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/33845 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/0755 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/49291 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/52797 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34305 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1021855 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.layereddefense.com/pcanywhere17mar.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/501930/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/33845 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/0755 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/49291 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | * | |
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 | |
| symantec | pcanywhere | 11.0.1 | |
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 | |
| symantec | pcanywhere | 12.0 | |
| symantec | pcanywhere | 12.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B5D2349-8330-4DE8-8040-6FDD368EFD32",
"versionEndIncluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BF0A19-0AAD-44B2-9B51-85A985CC40A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B13E1710-1723-4A52-ACDC-7FC511467152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE0E3DD-23F9-4ACD-BF9D-986CE5232D4E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file)."
},
{
"lang": "es",
"value": "Una vulnerabilidad de formato de cadena en Symantec pcAnywhere antes de 12.5 SP1 permite a atacantes remotos leer y modificar localizaciones de memoria de su elecci\u00f3n y producir una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o posiblemente tener otro efecto no especificado mediante especificadores de cadena de formato en el nombre de ruta de fichero de un fichero de control remoto (alias fichero .CHF)."
}
],
"id": "CVE-2009-0538",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-18T15:30:00.453",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/52797"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34305"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021855"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/pcanywhere17mar.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/501930/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33845"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/0755"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/52797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/pcanywhere17mar.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/501930/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/0755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49291"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-06 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/1093 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000406030958.23902.qmail%40securityfocus.com | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1093 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000406030958.23902.qmail%40securityfocus.com |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C7336-52DC-4E0D-9F6F-9B401B0A93EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts."
}
],
"id": "CVE-2000-0300",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-06T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1093"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000406030958.23902.qmail%40securityfocus.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=20000406030958.23902.qmail%40securityfocus.com"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-08 04:15
Modified
2025-04-11 00:51
Severity ?
Summary
The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/48092 | ||
| cve@mitre.org | http://www.exploit-db.com/exploits/18493/ | Exploit | |
| cve@mitre.org | http://www.securityfocus.com/bid/52094 | Exploit | |
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120301_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.exploit-db.com/exploits/18493/ | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/52094 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120301_00 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | * | |
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 | |
| symantec | pcanywhere | 11.0.1 | |
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 | |
| symantec | pcanywhere | 12.0 | |
| symantec | pcanywhere | 12.0.1 | |
| symantec | pcanywhere | 12.0.2 | |
| symantec | pcanywhere | 12.0.3 | |
| symantec | pcanywhere | 12.1 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.3 | |
| symantec | pcanywhere | 12.5.265 | |
| symantec | pcanywhere | 12.5.539 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 7.0 | |
| symantec | altiris_climentent_manage_suite_pcanywhere_solution | 7.1 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 7.1 | |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.0 | |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "439DFE25-7834-4E70-AB3A-47CC76528281",
"versionEndIncluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BF0A19-0AAD-44B2-9B51-85A985CC40A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B13E1710-1723-4A52-ACDC-7FC511467152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87DBE939-A827-4B90-A618-AA5A044D74E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D33DDEF5-032D-4AC2-BBCD-6E3D1E06BA1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "16E976A6-625C-4B20-B1F1-429A6902BEF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE0E3DD-23F9-4ACD-BF9D-986CE5232D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CA1694-B60F-418A-981D-2393BD74E288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.265:*:*:*:*:*:*:*",
"matchCriteriaId": "EE75BA8C-3E29-45CC-BD06-E504513A55AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068FE96E-DEB9-4AEA-8A5B-9152B75E0C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_climentent_manage_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4F35C05-9068-406F-8B53-B32D83ED1CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5503E846-7BB7-4B05-B234-609167B443C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E8464B-ACB2-4DB7-A0CF-EBF5FC5997A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A6CB3-92E5-40CA-9E00-5C05F478C56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The awhost32 service in Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allows remote attackers to cause a denial of service (daemon crash) via a crafted TCP session on port 5631."
},
{
"lang": "es",
"value": "El servicio awhost32 en Symantec pcAnywhere hasta v12.5.3, Altiris IT Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (tambi\u00e9n conocido como v12.6.x), Altiris Client Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (tambi\u00e9n conocido como v12.6.x), y Altiris Deployment Solution Remote pcAnywhere Solution v7.1 (tambi\u00e9n conocido como v12.5.x and v12.6.x), permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de una sesi\u00f3n TCP modificada en el puerto 5631."
}
],
"id": "CVE-2012-0292",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-08T04:15:02.683",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18493/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/52094"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/18493/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/52094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120301_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-09 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/1095 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/1095 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | 8.0 | |
| symantec | pcanywhere | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "447EE4D0-ED48-490E-BC1C-831A165CFF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB0C7336-52DC-4E0D-9F6F-9B401B0A93EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt."
}
],
"id": "CVE-2000-0273",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1095"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-04/0031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1095"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-22 13:54
Modified
2025-04-11 00:51
Severity ?
Summary
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/48092 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/51965 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51965 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | * | |
| symantec | pcanywhere | 10.0 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.0 | |
| symantec | pcanywhere | 11.0.1 | |
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 | |
| symantec | pcanywhere | 12.0 | |
| symantec | pcanywhere | 12.0.1 | |
| symantec | pcanywhere | 12.0.2 | |
| symantec | pcanywhere | 12.0.3 | |
| symantec | pcanywhere | 12.1 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.3 | |
| symantec | pcanywhere | 12.5.265 | |
| symantec | pcanywhere | 12.5.539 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 7.0 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 7.1 | |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.0 | |
| symantec | altiris_it_management_suite_pcanywhere_solution | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "439DFE25-7834-4E70-AB3A-47CC76528281",
"versionEndIncluding": "12.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D0BF0A19-0AAD-44B2-9B51-85A985CC40A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B13E1710-1723-4A52-ACDC-7FC511467152",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87DBE939-A827-4B90-A618-AA5A044D74E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D33DDEF5-032D-4AC2-BBCD-6E3D1E06BA1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "16E976A6-625C-4B20-B1F1-429A6902BEF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE0E3DD-23F9-4ACD-BF9D-986CE5232D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CA1694-B60F-418A-981D-2393BD74E288",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.265:*:*:*:*:*:*:*",
"matchCriteriaId": "EE75BA8C-3E29-45CC-BD06-E504513A55AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "068FE96E-DEB9-4AEA-8A5B-9152B75E0C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5503E846-7BB7-4B05-B234-609167B443C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E8464B-ACB2-4DB7-A0CF-EBF5FC5997A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9A6CB3-92E5-40CA-9E00-5C05F478C56C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response."
},
{
"lang": "es",
"value": "Symantec pcAnywhere hasta la v12.5.3, Altiris IT Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (\u00f3 v12.6.x), Altiris Altiris Client Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (\u00f3 v12.6.x) y Altiris Deployment Solution Remote pcAnywhere Solution v7.1 (tambi\u00e9n conocido como v12.5.x y v12.6.x) permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o bloqueo de la aplicaci\u00f3n) a trav\u00e9s de (1) datos con formato incorrecto de un cliente, (2) de datos con formato incorrecto de un servidor, o (3) una respuesta no v\u00e1lida."
}
],
"id": "CVE-2012-0291",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-22T13:54:02.193",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/51965"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-02-06 20:55
Modified
2025-04-11 00:51
Severity ?
Summary
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/48092 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/51862 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/72996 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/48092 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/51862 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/72996 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | pcanywhere | * | |
| symantec | pcanywhere | 5.0 | |
| symantec | pcanywhere | 8.0 | |
| symantec | pcanywhere | 9.2 | |
| symantec | pcanywhere | 10.5 | |
| symantec | pcanywhere | 11.5 | |
| symantec | pcanywhere | 11.5.1 | |
| symantec | pcanywhere | 12.1 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.265 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5 | |
| symantec | pcanywhere | 12.5.539 | |
| symantec | pcanywhere | 12.6.65 | |
| symantec | pcanywhere | 12.6.7580 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.5 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.5 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.5 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.6 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.6 | |
| symantec | altiris_client_management_suite_pcanywhere_solution | 12.6 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.5 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.5 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.5 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.6 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.6 | |
| symantec | altiris_deployment_solution_remote_pcanywhere_solution | 12.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:*:*:*:*:*:*:*:*",
"matchCriteriaId": "688690CE-8382-4C88-A0E5-AC0021D9D440",
"versionEndIncluding": "12.5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "23912E29-CA68-4C9A-93DF-586E42CA52F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "447EE4D0-ED48-490E-BC1C-831A165CFF29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DFDF9CE6-93A7-49EC-B6B5-428C7517E902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE0E3DD-23F9-4ACD-BF9D-986CE5232D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F1C797C5-7F76-4ECE-859C-B928F380A08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.265:*:*:*:*:*:*:*",
"matchCriteriaId": "EE75BA8C-3E29-45CC-BD06-E504513A55AD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "F1C797C5-7F76-4ECE-859C-B928F380A08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.65:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D0B814-A9C3-4D47-B1C5-59DE0CFEDCF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:pcanywhere:12.6.7580:*:*:*:*:*:*:*",
"matchCriteriaId": "92218E59-B767-498A-8F09-20202AE643E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "611D90A6-7B2C-4C40-9C70-EC5B2695FD3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "65C22E74-4DBF-4783-B2AF-57C2D58B193D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "04B4C5CC-520C-4005-B01E-4EBC22ABE5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8F8C91B1-46E7-4CA2-8E96-FF16626BFD8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "CEE27DB7-3B9D-487F-83BD-D1D8C1B0E770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:12.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "7F8166A3-90AC-4515-84C2-9E137C66594C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2811AA0D-0B6F-49EC-9234-A1836EDBA60B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "48193B5E-994F-4F66-BE15-A44BBE4364C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "FE450255-FE0F-41CE-9BDC-C7870DAB13CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB20686-F8E4-49A3-9A82-68C929B88FBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.6:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9BA4BAF7-4E24-40BD-8D9E-801BAE52C2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:12.6:sp2:*:*:*:*:*:*",
"matchCriteriaId": "53AC95BF-9CD4-47C6-87A7-531EA27AD864",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an \"open client session.\""
},
{
"lang": "es",
"value": "Symantec pcAnywhere hasta la versi\u00f3n v12.5.3, Altiris IT Management Suite pcAnywhere Soluction v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (tambi\u00e9n conocido como v12.6.x), Altiris Client Management Suite pcAnywhere Soluction v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (tambi\u00e9n conocido como v12.6.x) y Altiris Deployment Solution Remote pcAnywhere Solution v7.1 (tambi\u00e9n conocido como v12.5.x y v12.6.x) no manejan correctamente el estado del cliente despu\u00e9s de la terminaci\u00f3n anormal de una sesi\u00f3n remota, lo que permite a atacantes remotos obtener acceso al cliente aprovechandose de una \"sesi\u00f3n de cliente abierta\"."
}
],
"id": "CVE-2012-0290",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-02-06T20:55:02.627",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/51862"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/48092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/51862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72996"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}