Symantec Norton Personal Firewall — known CVE vulnerabilities
Every CVE whose affected-product data names Symantec Norton Personal Firewall, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2007-1689 — CVSS 10.0 (critical): Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows…
CVE-2004-0444 — CVSS 10.0 (critical): Multiple vulnerabilities in SYMDNS.SYS for Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall…
CVE-2007-0447 — CVSS 9.3 (critical): Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via…
CVE-2007-3699 — CVSS 9.3 (critical): The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain…
CVE-2002-0663 — CVSS 7.5 (high): Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote…
CVE-2002-1778 — CVSS 7.5 (high): Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG…
CVE-2002-1779 — CVSS 7.5 (high): The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks…
CVE-2007-3673 — CVSS 6.9 (medium): Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through…
CVE-2006-1836 — CVSS 6.8 (medium): Untrusted search path vulnerability in unspecified components in Symantec LiveUpdate for Macintosh 3.0.0 through 3.5.0 do not set the…
CVE-2004-0375 — CVSS 5.0 (medium): SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and…
CVE-2007-1495 — CVSS 4.9 (medium): The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.1.7, and possibly other products using symevent.sys 12.0.0.20…
CVE-2006-4855 — CVSS 4.9 (medium): The \Device\SymEvent driver in Symantec Norton Personal Firewall 2006 9.1.0.33, and other versions of Norton Personal Firewall, Internet…
CVE-2007-1793 — CVSS 4.9 (medium): SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to…
CVE-2002-2336 — CVSS 4.3 (medium): Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause…
CVE-2006-4266 — CVSS 3.6 (low): Symantec Norton Personal Firewall 2006 9.1.0.33, and possibly earlier, does not properly protect Norton registry keys, which allows local…
CVE-2004-0445 — CVSS 2.6 (low): The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004…
CVE-2006-3725 — CVSS 2.1 (low): Norton Personal Firewall 2006 9.1.0.33 allows local users to cause a denial of service (crash) via certain RegSaveKey, RegRestoreKey and…
CVE-2007-1476 — CVSS 1.9 (low): The SymTDI device driver (SYMTDI.SYS) in Symantec Norton Personal Firewall 2006 9.1.1.7 and earlier, Internet Security 2005 and 2006…