Vulnerability CVE-2016-3646


Published: 2016-06-30

Description:
The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.

See advisories in our WLB2 database:
Topic
Author
Date
High
Symantec Antivirus Missing Bounds Checks in dec2zip ALPkOldFormatDecompressor::UnShrink
Google Security ...
30.06.2016

Type:

CWE-20

(Improper Input Validation)

Vendor: Symantec
Product: Mail security for domino 
Version:
8.1.3
8.1.2
8.1.1
8.1
8.0.9
8.0.8
8.0.7
8.0.6
8.0.5
8.0.3
8.0.2
8.0.1
8.0
Product: Protection engine 
Version:
7.8.0
7.5.4
7.5.3
7.5.2
7.5.1
7.5.0
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
Product: Mail security for microsoft exchange 
Version:
7.5.4
7.5.3
7.5.2
7.5.1
7.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0
6.5.8
Product: Data center security server 
Version:
6.6
6.5
6.0
Product: Protection for sharepoint servers 
Version:
6.06
6.05
6.04
6.03
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0
Product: Norton power eraser 
Version: 5.0;
Product: NGC 
Version: 22.6;
Product: Norton bootable removal tool 
Version: 2016.0;
Product: Advanced threat protection 
Version: 2.0.3;
Product: Norton security 
Version: 13.0.1;
Product: Endpoint protection 
Version: 12.1.6;
Product: Message gateway 
Version: 10.6.1-3;
Product: Message gateway for service providers 
Version: 10.6; 10.5;
Product: Csapi 
Version: 10.0.4;
Product: Norton security with backup 
Product: Norton internet security 
Product: Norton 360 
Product: Norton antivirus 

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.securityfocus.com/bid/91435
http://www.securitytracker.com/id/1036198
http://www.securitytracker.com/id/1036199
https://www.exploit-db.com/exploits/40036/
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

Related CVE
CVE-2019-12755
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have ac...
CVE-2019-9697
An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwis...
CVE-2019-12754
Symantec My VIP portal, previous version which has already been auto updated, was susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other use...
CVE-2019-12753
An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not ...
CVE-2018-18371
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. An information disclosure vulnerability in the WebFTP mode allows a malicious user to obtain plaintext au...
CVE-2018-18370
The ASG/ProxySG FTP proxy WebFTP mode allows intercepting FTP connections where a user accesses an FTP server via a ftp:// URL in a web browser. A stored cross-site scripting (XSS) vulnerability in the WebFTP mode allows a remote attacker to inject m...
CVE-2019-12750
Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue wh...
CVE-2019-12751
Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are nor...

Copyright 2019, cxsecurity.com

 

Back to Top