Documents Associated to Symantec

New User, Welcome! Login

Symantec

iDefense Security Advisory 04.29.09: Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Apr 28, 2009

I. BACKGROUND

Symantec System Center is an MMC (Microsoft Management Console) snap-in
that allows an administrator to remotely manage Symantec products. The
Symantec System Center comes bundled with several Symantec products,
including Symantec Client Security and Symantec AntiVirus. It contains
an optional component called the Alert Management System Console. This
component starts a service (Intel File Transfer) that listens on TCP

SYMSA-2007-012: Microsoft Windows CE IGMP Denial of Service

SYM07-029 Symantec BEWS Multiple DoS in Job Engine

Symantec Security Advisory

SYM07-029
http://www.symantec.com/avcenter/security/Content/2007.11.27.html

27 Nov 2007 

Symantec Backup Exec for Windows Server:  Multiple Denial of Service Issues in Job Engine

SYMSA-2007-007: Palm OS Treo Smartphone Denial of Service

[G-SEC 47-2009] Symantec generic PDF detection bypass

________________________________________________________________________

             Symantec multiple products - Generic PDF bypass
________________________________________________________________________

***********************************************************************
Cheap plug :
Speaking of PDF - If you are interested in client-side vulnerabilities
visit HACK.LU starting tomorrow [28-30 Oct] with :

SYMSA-2007-011: Microsoft WM5 PocketPC Phone Ed SMS Handler Issue

SYMSA-2007-009: RemoteDocs R-Viewer Code Execution and Sensitive Information Disclosure

SYMSA-2007-014: SQL Injection Vulnerability in Beehive Forum Software

Hash: SHA1




                     Symantec Vulnerability Research
                     http://www.symantec.com/research
                           Security Advisory

   Advisory  ID:  SYMSA-2007-014
 Advisory Title:  SQL Injection Vulnerability in Beehive Forum

Symantec Product Security: Symantec Device Driver Local Elevation of Privilege

SYM07-024 
September 05, 2007 
Symantec SYMTDI.SYS Device Driver Local Denial of Service 
Revision History: None 

Risk Impact: Low 

Remote Access: No 
Local Access: Yes 
Authentication Required: Yes, to the local system

SYMSA-2007-013: Lotus Notes Memory Mapped Files Vulnerability

NSOADV-2009-001: Symantec ConsoleUtilities ActiveX Control Buffer Overflow

Security Advisory NSOADV-2009-001
_________________________________________
_________________________________________


  Title:                  Symantec ConsoleUtilities ActiveX Control
                          Buffer Overflow
  Severity:               Critical
  Advisory ID:            NSOADV-2009-001
  Found Date:             09.09.2009
  Date Reported:          15.09.2009

SYMSA-2008-001: Lyris ListManager - Multiple Vulnerabilities

SYMSA-2007-010: Microsoft ActiveSync 4.x Weak Password Obfuscation

SYMSA-2007-015

SYMSA-2007-008: Autodesk Backburner 3.0.2 System Backdoor

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                   Symantec Consulting Services
                         www.symantec.com
                        Security Advisory

   Advisory ID: SYMSA-2007-008
Advisory Title: Autodesk Backburner 3.0.2 : System Backdoor
        Author: Dave Hartley and Stephen Kapp

NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability

______________________________________________________________________

NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability
______________________________________________________________________
______________________________________________________________________

                               111101111
                        11111 00110 00110001111
                   111111 01 01 1 11111011111111
                11111  0 11 01 0 11 1 1  111011001

Secunia Research: Symantec Mail Security Applix Graphics Parsing Vulnerabilities

====================================================================== 

                     Secunia Research 08/04/2008

  - Symantec Mail Security Applix Graphics Parsing Vulnerabilities -

====================================================================== 
Table of Contents

Affected Software....................................................1

iDefense Security Advisory 08.25.09: Autonomy KeyView Excel File SST Parsing Integer Overflow Vulnerability

information, visit the URL referenced below.

http://www.autonomy.com/

KeyView is used by many commercial products to handle various types of
file formats. Lotus Notes and Symantec Mail Security are two examples
of such products.

II. DESCRIPTION

Remote exploitation of an integer overflow vulnerability in Autonomy's

Secunia Research: Symantec Mail Security Folio Flat File Parsing Buffer Overflows

====================================================================== 

                     Secunia Research 08/04/2008

 - Symantec Mail Security Folio Flat File Parsing Buffer Overflows -

====================================================================== 
Table of Contents

Affected Software....................................................1

iDefense Security Advisory 03.17.09: Autonomy KeyView Word Perfect File Parsing Buffer Overflow Vulnerability

by removing, or commenting out, the line referencing "wp6sr.dll" from
the "KeyView.ini" file within the Lotus Notes program directory.
Deleting "wp6sr.dll" from the affected system will also prevent
exploitation.

For Symantec Mail Security, disabling "content filtering" will prevent
exploitation.

Additional workarounds are available from the individual vendors'
advisories referenced below.

ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability

ZDI-09-098: Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-098
December 9, 2009

-- CVE ID:
CVE-2009-3027

-- Affected Vendors:
Symantec

VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability

VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow 
Vulnerability

http://www.vupen.com/english/research.php


I. DESCRIPTION
--------------------- 

VUPEN Vulnerability Research Team discovered a vulnerability in various

TELUS Security Labs VR - Symantec Alert Management System HNDLRSVC Arbitrary Command Execution

Symantec Alert Management System HNDLRSVC Arbitrary Command Execution

TSL ID: FSC20100727-01

1. Affected Software

     Symantec Antivirus Corporate Edition 10.1.8.8000 and possibly prior
     Symantec System Center 10.1.8.8000 and possibly prior

Reference: http://www.symantec.com/business/antivirus-corporate-edition

[W02-1008] GearSoftware Powered Products Local Privilege Escalation (Microsoft Windows Kernel IopfCompleteRequest Integer Overflow)

software for more than twenty years. GEAR develops solutions for
professional premastering, DVD editing and authoring, and is also a
leading provider of development tools that enable software companies to
integrate optical recording technology into their own products. GEAR
technology is integrated into solutions from some of the world's most
prominent technology organizations, including Apple, Symantec, Siemens,
Kodak, Philips and Bosch, among many others"

www.gearsoftware.com

Evasion attacks expoliting file-parsing vulnerabilities in antivirus products

3. Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes 
   evades detection.

   Affected products -
   CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, 
   Symantec 20101.3.0.103

   CVE no - 
   CVE-2012-1421

4. Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes

Foofus.net Security Advisory: Symantec AMS Intel Alert Handler service Design Flaw

==================================================
Foofus.net Security Advisory: foofus-20100726
==================================================
Title:          Symantec Antivirus Corporate Edition AMS Intel Alert Handler

Version:        10.1.8.8000 and earlier

Vendor:         Symantec 

Release Date:   26.07.2010

TELUS Security Labs VR - Symantec Antivirus Intel Alert Handler Service Denial of Service

Symantec Antivirus Intel Alert Handler Service Denial of Service

TSL ID: FSC20101213-06

1. Affected Software

     Symantec Antivirus Corporate Edition 10.1.8.8000 and possibly prior
     Symantec System Center 10.1.8.8000 and possibly prior

Reference: http://www.symantec.com/business/antivirus-corporate-edition

[CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service

Hash: SHA1

      Core Security Technologies - CoreLabs Advisory
           http://corelabs.coresecurity.com/

Symantec Intel Handler Service Remote DoS



1. *Advisory Information*

iDefense Security Advisory 02.26.08: Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability

http://labs.idefense.com/intelligence/vulnerabilities/
Feb 26, 2008

I. BACKGROUND

Symantec Scan Engine is a standalone Anti-Virus Engine that exposes a
scanning Application Programming Interface (API) directly to developers
who wish to integrate protection into their own custom applications.
More information is available on the vendor's site at the following
URL.

[DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.

Digital Security Research Group [DSecRG] Advisory       #DSECRG-09-039

Application:                    Symantec Antivirus Client Proxy         
Versions Affected:              Version 10
Vendor URL:                     http://symantec.com
Bugs:                           Buffer Overflow
Exploits:                       POC
Reported:                       04.05.2009
Vendor response:                07.05.2009
Date of Public Advisory:        17.02.2010

Next Page>>

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!