Vulnerability CVE-2017-6330

Published: 2017-09-13

Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."

Vendor: Symantec
Product: Encryption desktop 
Version: 10.4.1;

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
Exploit range
Attack complexity
Single time
Confidentiality impact
Integrity impact
Availability impact


Related CVE
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the di...
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12...
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to sav...
GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) v...
DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request.
Symantec Reporter 9.5 prior to and 10.1 prior to does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to, ProxySG 6.5 (prior to, ProxySG 6.6, and ProxySG 6.7 (prior to management console is susceptible to a reflected XSS vulnerability. A remote attacker can use...
The Symantec ProxySG 6.5 (prior to, 6.6, and 6.7 (prior to management console is susceptible to a reflected XSS vulnerability. A remote attacker can use a crafted management console URL in a phishing attack to inject arbitrary Java...

Copyright 2018,


Back to Top