Security information of a time critical nature that relates directly to Symantec products.
Symantec is committed to responsible disclosure. We believe that it is the best way we can serve our customers and do our part to protect the Internet community. Read More >>
| Symantec SPBBCDRV.SYS Device Driver Local Denial of Service |
December 12, 2008 |
| Symantec Backup Exec Authentication Bypass and Potential Buffer Overflow |
November 19, 2008 |
| Symantec Altiris Deployment Solution Elevation of Privilege Clear Text Password in Memory |
October 20, 2008 |
| Symantec Altiris Deployment Solution Local Access Elevation of Privilege in Client GUI |
October 20, 2008 |
| Veritas File System Quick I/O for Database Utility Information Disclosure and Elevation of Privilege |
October 20, 2008 |
| Symantec Device Driver Local Elevation of Privilege |
October 07, 2008 |
| Symantec Veritas NetBackup Administration JAVA GUI Elevation of Privilege |
September 24, 2008 |
| Veritas Storage Foundation for Windows Volume Manager Scheduler Service for Windows Security Update Circumvention |
August 14, 2008 |
| Symantec Altiris Notification Server Agent GUI Local Elevation of Privilege |
June 17, 2008 |
| Symantec Backup Exec System Recovery Manager - Directory Traversal Vulnerability |
May 28, 2008 |
| Altiris Deployment Solution Multiple Vulnerabilities |
May 14, 2008 |
| Symantec Altiris Deployment Solution Clear Text Password |
April 10, 2008 |
| Symantec Mail Security Autonomy KeyView Module Vulnerability |
April 08, 2008 |
| Symantec AutoFix Support Tool ActiveX Control Vulnerabilities |
April 02, 2008 |
| Symantec Altiris Deployment Server Escalation of Privileges |
March 10, 2008 |
| Symantec Backup Exec and NetBackup for Windows Servers Multiple Vulnerabilities in Scheduler |
February 28, 2008 |
| Symantec Decomposer: Multiple Denial of Service Vulnerabilities |
February 26, 2008 |
| Veritas Storage Foundation by Symantec: Veritas Enterprise Administrator, Heap Overflow |
February 20, 2008 |
| Veritas Storage Foundation for Windows by Symantec: Denial of Service in Scheduler Service |
February 20, 2008 |
| Symantec Ghost Solution Suite: server authentication vulnerability |
February 07, 2008 |
| Symantec Altiris Notification Server Agent Privilege Escalation Vulnerability |
February 06, 2008 |
| Symantec Backup Exec System Recovery Manager - Unauthorized File Upload |
February 04, 2008 |
| Symantec Backup Exec for Windows Server: Multiple Denial of Service Issues in Job Engine |
November 27, 2007 |
| Symantec AntiVirus for Macintosh and Norton AntiVirus for Macintosh Local Elevation of Privilege |
November 01, 2007 |
| Symantec Mail Security KeyView Module Multiple Buffer Overflow |
November 01, 2007 |
| Altiris Deployment Solution Elevation of Privilege |
October 30, 2007 |
| Altiris Deployment Solution Directory Traversal |
October 30, 2007 |
| Symantec SYMTDI.SYS Device Driver Local Denial of Service |
September 05, 2007 |
| Symantec Enterprise Firewall and Symantec Gateway Security Username Enumeration |
August 16, 2007 |
| Altiris Deployment Solution Elevation of Privilege |
August 13, 2007 |
| Symantec ActiveX Control Input Validation Error |
August 09, 2007 |
| Symantec Discovery Insecure File Permissions |
July 27, 2007 |
| Symantec AntiVirus Malformed RAR and CAB Compression Type Bypass |
July 11, 2007 |
| Symantec SYMTDI.SYS Device Driver Local Elevation of Privilege |
July 11, 2007 |
| Symantec AntiVirus Corporate Edition Local Elevation of Privilege |
July 11, 2007 |
| Symantec Client Security Internet E-mail Auto-Protect Stack Overflow |
July 11, 2007 |
| Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow, Denial of Service |
July 11, 2007 |
| Symantec Mail Security for SMTP Executable Attachment Parsing Denial of Service |
June 26, 2007 |
| Multiple Symantec Ghost Solution Suite Vulnerabilities |
June 5, 2007 |
| Symantec Reporting Server Elevation of Privilege |
June 5, 2007 |
| Symantec Reporting Server Password Disclosure |
June 5, 2007 |
| Symantec Storage Foundation Solutions Suites: Veritas Volume Replicator, Denial of Service in Veritas Administrative Service |
June 1, 2007 |
| Symantec Storage Foundation for Windows Volume Manager: Authentication Bypass and Potential Code Execution in Scheduler Service |
June 1, 2007 |
| Symantec Enterprise Security Manager Denial-of-Service |
May 24, 2007 |
| Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflow |
May 16, 2007 |
| Symantec pcAnywhere Remote User Credential Disclosure |
May 9, 2007 |
| Symantec COM object security bypass |
May 9, 2007 |
| Multiple Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recover Vulnerabilities |
April 26, 2007 |
| Symantec Enterprise Security Manager Remote Upgrade Authentication Bypass |
April 5, 2007 |
| Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support Assistant |
February 22, 2007 |
| Symantec Web Security Multiple Vulnerability |
January 24, 2007 |
| Symantec Veritas NetBackup: Vulnerabilities in NetBackup Server and Clients |
December 13, 2006 |
| Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability |
November 28, 2006 |
| Symantec Device Driver Elevation of Privilege |
October 23, 2006 |
| Symantec Mail Security for Domino Server Relay |
October 19, 2006 |
| Symantec Device Driver Elevation of Privilege |
October 5, 2006 |
| Symantec Automated Support Assistant: Vulnerabilities in Support Tool ActiveX Control |
October 5, 2006 |
| Symantec: SymEvent Driver Local Access System Denial of Service |
September 20, 2006 |
| Symantec AntiVirus Corporate Edition Elevation of Privilege |
September 13, 2006 |
| Symantec Enterprise Security Manager Denial-of-Service |
August 18, 2006 |
| Symantec NetBackup PureDisk: Non-Privileged User Authentication Bypass Elevation of Privilege |
August 16, 2006 |
| Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow, Authorized User Potential Elevation of Privilege |
August 11, 2006 |
| Symantec On-Demand Protection Encrypted Data Exposure |
August 1, 2006 |
| Symantec Brightmail AntiSpam Multiple Vulnerabilities |
July 27, 2006 |
| Symantec Security Information Manager Authentication bypass |
June 13, 2006 |
| Symantec Client Security and Symantec AntiVirus Elevation of Privilege |
May 25, 2006 |
| Symantec Enterprise Firewall NAT/HTTP Proxy internal IP leakage |
May 10, 2006 |
| Symantec Scan Engine Multiple Vulnerabilities |
April 21, 2006 |
| Symantec LiveUpdate for Macintosh Local Privilege Escalation |
April 17, 2006 |
| Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons |
March 27, 2006 |
| Veritas Backup Exec for Windows Servers: Media Server BENGINE Service Job log Format String Overflow |
March 17, 2006 |
| Veritas Backup Exec: Application Memory Denial of Service |
March 17, 2006 |
| Symantec Ghost: Local access vulnerabilities in Database |
March 7, 2006 |
| Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection |
February 1, 2006 |
| Symantec Norton Protected Recycle Bin Exposure |
January 10, 2006 |
| Symantec AntiVirus Decomposition Buffer Overflow |
December 21, 2005 |
| Symantec pcAnywhere Denial of Service |
November 29, 2005 |
| Symantec Dynamic VPN Services: ISAKMP Denial of Service |
November 21, 2005 |
| VERITAS NetBackup 5.x: Buffer Overflow in Shared Library used by Volume Manager Daemon |
November 8, 2005 |
| VERITAS Cluster Server for UNIX: Local Access Buffer Overflow |
November 8, 2005 |
| Symantec Discovery Web Accounts Null Password |
October 24, 2005 |
| Symantec LiveUpdate for Macintosh Local Privilege Escalation |
October 19, 2005 |
| Symantec Norton AntiVirus for Macintosh DiskMountNotify Local Privilege Escalation |
October 19, 2005 |
| Symantec Brightmail AntiSpam: Malformed MIME, Denial of Service |
October 12, 2005 |
| VERITAS NetBackup: Java User-Interface, format string vulnerability |
October 12, 2005 |
| Symantec Antivirus Scan Engine: Web Service Administrative Interface Buffer Overflow |
October 4, 2005 |
| Symantec Brightmail AntiSpam: Nested Zip File, Denial of Service |
September 21, 2005 |
| Symantec Brightmail AntiSpam: winmail.dat File, Denial of Service |
September 21, 2005 |
| VERITAS Storage Exec DCOM Server Buffer Overflows |
September 19, 2005 |
| Local LiveUpdate server username / password information revealed by client |
September 2, 2005 |
| Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Privilege |
August 24, 2005 |
| VERITAS Backup Exec for Windows Servers, VERITAS Backup Exec for NetWare Servers, and NetBackup for NetWare Media Server Option Remote Agent Authentication Vulnerability |
August 12, 2005 |
| Symantec pcAnywhere (run on connect) privilege escalation |
June 10, 2005 |
| Symantec Brightmail AntiSpam Static Database Password |
May 31, 2005 |
| Symantec security gateway ICMP potential Denial of Service |
May 02, 2005 |
| Symantec AntiVirus RAR archive bypass |
April 27, 2005 |
| Denial of Service in Symantec Norton AntiVirus AutoProtect |
March 28, 2005 |
| Symantec security gateway DNS redirection |
March 15, 2005 |
| SMTP Binding Configuration Settings Bypassed |
February 28, 2005 |
| Symantec UPX Parsing Engine Heap Overflow |
February 8, 2005 |
| Symantec Completes Update of Microsoft's Graphic Device Interface Component (gdiplus.dll) |
January 18, 2005 |
| Sun Alert ID 57591: Java Runtime Environment (JRE) |
January 4, 2005 |
| Symantec Windows LiveUpdate Configuration Options Elevation of Privilege |
December 13, 2004 |
| Symantec Windows LiveUpdate potential for minor Denial of Service and Directory Traversal |
November 23, 2004 |
| Symantec Norton AntiVirus Auto-Protect Alert Notification Limited Denial of Service |
November 10, 2004 |
| Symantec Norton AntiVirus MS-DOS Reserve Device Name Handling |
October 5, 2004 |
| Symantec ON Command CCM/ON iCommand Default Passwords Can Provide Unauthorized Access |
September 29, 2004 |
| Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues |
September 22, 2004 |
| Symantec IPsec/ISAKMP VPN Buffer Overflow |
August 26, 2004 |
| Symantec Clientless VPN Gateway 4400 Series v5.0 Hotfix |
August 13, 2004 |
| Symantec Gateway Security Products DNS Cache Poisoning Vulnerability |
June 21, 2004 |
| Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability |
May 20, 2004 |
| Symantec Client Firewall Remote Access and Denial of Service Issues |
May 12, 2004 |
| Symantec Client Firewall Denial of Service Vulnerability |
April 20, 2004 |
| Symantec AntiVirus Scan Engine Potential Race Condition Vulnerability |
March 22, 2004 |
| Symantec Norton Internet Security and Norton AntiSpam Remote Access Vulnerability |
March 19, 2004 |
| Symantec Firewall/VPN Appliance Cached Password Vulnerability |
March 2, 2004 |
| Symantec Gateway Security 5400 Series Cross-Site Scripting Vulnerability |
March 2, 2004 |
| Symantec Web Security Cross-Site Scripting Vulnerability |
January 13, 2004 |
| Symantec Automatic LiveUpdate Local User Elevation of Privilege |
January 12, 2004 |
| Symantec pcAnywhere Chat Mode Privilege Elevation |
November 21, 2003 |
| Symantec pcAnywhere Service-Mode Help File Elevation of Privilege |
November 13, 2003 |
| Symantec Norton Internet Security (NIS) Blocked Site Return Messages Not Properly Validated |
October 27, 2003 |
| Win32 Device Drivers Communication Vulnerabilities |
August 8, 2003 |
| Denial of Service Vulnerability in Symantec Quarantine Server |
July 28, 2003 |
| Symantec Norton AntiVirus Corporate Edition - Issue with Windows XP and floppy disk scan |
July 1, 2003 |
| Symantec Security Check ActiveX Buffer Overflow |
June 25, 2003 |
| Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability |
February 28, 2003 |
| Symantec Norton Internet Security ICMP Packet Flood Denial Of Service Vulnerability |
January 17, 2003 |
| Symantec Enterprise Firewall: Unexpected RealAudio Service Termination |
December 12, 2002 |
| Symantec Norton AntiVirus Corporate Edition 7.x Help File Elevation of Privilege |
October 15, 2002 |
| Symantec Enterprise Firewall Secure Webserver info leak |
October 13, 2002 |
| Symantec Firewall Secure Webserver timeout DoS |
October 13, 2002 |
| Fragmented MIME messages bypass SMTP scanners |
September 10, 2002 |
| Symantec Enterprise Firewall TCP Initial Sequence Number Randomization |
August 5, 2002 |
| Symantec Personal and Desktop Firewall Denial of Service Buffer Overflow |
July 15, 2002 |
| Symantec Enterprise Firewall out-of-band authentication (OOBA) denial of service hardening |
July 3, 2002 |
| Symantec Intruder Alert Denial of Service in the snmptrap.exe module |
July 2, 2002 |
| Symantec Norton Personal Firewall 2002 SYN/FIN scan issue |
May 16, 2002 |
| Symantec Enterprise Firewall FTP Bounce Attack |
April 17, 2002 |
| Symantec Norton AntiVirus 2002 Incoming Email Scan Bypass |
April 3, 2002 |
| Symantec Norton AntiVirus Email Protection Bypass |
March 7, 2002 |
| Symantec Norton AntiVirus Corporate Edition 7.x local LiveUpdate Server login information in clear |
February 28, 2002 |
| Symantec Enterprise Firewall SMTP Proxy Issues |
February 20, 2002 |
| Symantec Enterprise Firewall SNMP Notify Daemon drops alerts |
February 20, 2002 |
| Firewall log file permissions and file sharing parameters allow unauthorized log file access and modification |
January 22, 2002 |
| Symantec LiveUpdate 1.4 through 1.6 vulnerability |
October 5, 2001 |
| Norton AntiVirus 2002 Beta Security Issues |
July 24, 2001 |
| Symantec LiveUpdate 1.5x Proxy Password Issues |
July 20, 2001 |
| Symantec NetProwler 3.5.x MySQL Database Configuration Allows Possible Remote Access |
May 8, 2001 |
