Symantec Scan Engine 5.0.0.24

CPE Details

Symantec Scan Engine 5.0.0.24
symantec
antivirus_scan_engine
5.0.0.24
2007-08-23
19h16 +00:00
2008-04-07
12h53 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:symantec:antivirus_scan_engine:5.0.0.24:*:*:*:*:*:*:*

Informations

Vendor

symantec

Product

antivirus_scan_engine

Version

5.0.0.24

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2006-0230 2006-04-24 23h00 +00:00 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
10
CVE-2006-0231 2006-04-24 23h00 +00:00 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses the same private DSA key for each installation, which allows remote attackers to conduct man-in-the-middle attacks and decrypt communications.
6.4
CVE-2006-0232 2006-04-24 23h00 +00:00 Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote attackers to obtain the information via direct requests.
5
CVE-2005-3217 2005-10-14 02h00 +00:00 Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
5.1
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.