Symantec Client Security — known CVE vulnerabilities
Every CVE whose affected-product data names Symantec Client Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2009-1429 — CVSS 10.0 (critical): The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec…
CVE-2010-0108 — CVSS 10.0 (critical): Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x…
CVE-2004-0444 — CVSS 10.0 (critical): Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall…
CVE-2006-2630 — CVSS 10.0 (critical): Stack-based buffer overflow in Symantec Antivirus 10.1 and Client Security 3.1 allows remote attackers to execute arbitrary code via…
CVE-2007-0447 — CVSS 9.3 (critical): Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via…
CVE-2009-1430 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as…
CVE-2007-3699 — CVSS 9.3 (critical): The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain…
CVE-2010-0107 — CVSS 9.3 (critical): Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and…
CVE-2009-1431 — CVSS 9.3 (critical): XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center…
CVE-2007-3095 — CVSS 9.0 (critical): Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security…
CVE-2007-3021 — CVSS 7.5 (high): Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec…
CVE-2005-0249 — CVSS 7.5 (high): Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX…
CVE-2006-3454 — CVSS 7.2 (high): Multiple format string vulnerabilities in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allow…
CVE-2007-3673 — CVSS 6.9 (medium): Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through…
CVE-2007-3800 — CVSS 6.0 (medium): Unspecified vulnerability in the Real-time scanner (RTVScan) component in Symantec AntiVirus Corporate Edition 9.0 through 10.1 and Client…
CVE-2004-0375 — CVSS 5.0 (medium): SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and…
CVE-2009-1432 — CVSS 5.0 (medium): Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec…
CVE-2007-1793 — CVSS 4.9 (medium): SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to…
CVE-2006-4855 — CVSS 4.9 (medium): The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet…
CVE-2006-4802 — CVSS 4.6 (medium): Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security…
CVE-2007-3771 — CVSS 4.6 (medium): Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client…
CVE-2007-3022 — CVSS 4.3 (medium): Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec…
CVE-2009-3104 — CVSS 4.3 (medium): Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate…
CVE-2006-3455 — CVSS 4.3 (medium): The SAVRT.SYS device driver, as used in Symantec AntiVirus Corporate Edition 8.1 and 9.0.x up to 9.0.3, and Symantec Client Security 1.1…
CVE-2004-0445 — CVSS 2.6 (low): The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004…
CVE-2010-0106 — CVSS 1.9 (low): The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before…
CVE-2007-1476 — CVSS 1.9 (low): The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006…