Security Advisories Relating to Symantec Products - Archive

Note: This is the archive for Security Advisories Relating to Symantec Products. The most recent Advisories can be found here.
Security information of a time critical nature that relates directly to Symantec products. Symantec is committed to responsible disclosure. We believe that it is the best way we can serve our customers and do our part to protect the Internet community. Read More
Title Date
Symantec Products Update Vulnerable Autonomy KeyView Module March 17, 2009
Symantec pcAnywhere Format String Denial of Service March 17, 2009
Symantec NetBackup Communications Setup Elevation of Privilege February 17, 2009
Symantec AppStream ActiveX Unauthorized Access January 15, 2009
Symantec SPBBCDRV.SYS Device Driver Local Denial of Service December 12, 2008
Symantec Backup Exec Authentication Bypass and Potential Buffer Overflow November 19, 2008
Symantec Altiris Deployment Solution Elevation of Privilege Clear Text Password in Memory October 20, 2008
Symantec Altiris Deployment Solution Local Access Elevation of Privilege in Client GUI October 20, 2008
Veritas File System Quick I/O for Database Utility Information Disclosure and Elevation of Privilege October 20, 2008
Symantec Device Driver Local Elevation of Privilege October 07, 2008
Symantec Veritas NetBackup Administration JAVA GUI Elevation of Privilege September 24, 2008
Veritas Storage Foundation for Windows Volume Manager Scheduler Service for Windows Security Update Circumvention August 14, 2008
Symantec Altiris Notification Server Agent GUI Local Elevation of Privilege June 17, 2008
Symantec Backup Exec System Recovery Manager - Directory Traversal Vulnerability May 28, 2008
Altiris Deployment Solution Multiple Vulnerabilities May 14, 2008
Symantec Altiris Deployment Solution Clear Text Password April 10, 2008
Symantec Mail Security Autonomy KeyView Module Vulnerability April 08, 2008
Symantec AutoFix Support Tool ActiveX Control Vulnerabilities April 02, 2008
Symantec Altiris Deployment Server Escalation of Privileges March 10, 2008
Symantec Backup Exec and NetBackup for Windows Servers Multiple Vulnerabilities in Scheduler February 28, 2008
Symantec Decomposer: Multiple Denial of Service Vulnerabilities February 26, 2008
Veritas Storage Foundation by Symantec: Veritas Enterprise Administrator, Heap Overflow February 20, 2008
Veritas Storage Foundation for Windows by Symantec: Denial of Service in Scheduler Service February 20, 2008
Symantec Ghost Solution Suite: server authentication vulnerability February 07, 2008
Symantec Altiris Notification Server Agent Privilege Escalation Vulnerability February 06, 2008
Symantec Backup Exec System Recovery Manager - Unauthorized File Upload February 04, 2008
Symantec Backup Exec for Windows Server: Multiple Denial of Service Issues in Job Engine November 27, 2007
Symantec AntiVirus for Macintosh and Norton AntiVirus for Macintosh Local Elevation of Privilege November 01, 2007
Symantec Mail Security KeyView Module Multiple Buffer Overflow November 01, 2007
Altiris Deployment Solution Elevation of Privilege October 30, 2007
Altiris Deployment Solution Directory Traversal October 30, 2007
Symantec SYMTDI.SYS Device Driver Local Denial of Service September 05, 2007
Symantec Enterprise Firewall and Symantec Gateway Security Username Enumeration August 16, 2007
Altiris Deployment Solution Elevation of Privilege August 13, 2007
Symantec ActiveX Control Input Validation Error August 09, 2007
Symantec Discovery Insecure File Permissions July 27, 2007
Symantec AntiVirus Malformed RAR and CAB Compression Type Bypass July 11, 2007
Symantec SYMTDI.SYS Device Driver Local Elevation of Privilege July 11, 2007
Symantec AntiVirus Corporate Edition Local Elevation of Privilege July 11, 2007
Symantec Client Security Internet E-mail Auto-Protect Stack Overflow July 11, 2007
Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow, Denial of Service July 11, 2007
Symantec Mail Security for SMTP Executable Attachment Parsing Denial of Service June 26, 2007
Multiple Symantec Ghost Solution Suite Vulnerabilities June 5, 2007
Symantec Reporting Server Elevation of Privilege June 5, 2007
Symantec Reporting Server Password Disclosure June 5, 2007
Symantec Storage Foundation Solutions Suites: Veritas Volume Replicator, Denial of Service in Veritas Administrative Service June 1, 2007
Symantec Storage Foundation for Windows Volume Manager: Authentication Bypass and Potential Code Execution in Scheduler Service June 1, 2007
Symantec Enterprise Security Manager Denial-of-Service May 24, 2007
Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflow May 16, 2007
Symantec pcAnywhere Remote User Credential Disclosure May 9, 2007
Symantec COM object security bypass May 9, 2007
Multiple Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recover Vulnerabilities April 26, 2007
Symantec Enterprise Security Manager Remote Upgrade Authentication Bypass April 5, 2007
Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support Assistant February 22, 2007
Symantec Web Security Multiple Vulnerability January 24, 2007
Symantec Veritas NetBackup: Vulnerabilities in NetBackup Server and Clients December 13, 2006
Symantec NetBackup PureDisk: PHP update to Address Reported Security Vulnerability November 28, 2006
Symantec Device Driver Elevation of Privilege October 23, 2006
Symantec Mail Security for Domino Server Relay October 19, 2006
Symantec Device Driver Elevation of Privilege October 5, 2006
Symantec Automated Support Assistant: Vulnerabilities in Support Tool ActiveX Control October 5, 2006
Symantec: SymEvent Driver Local Access System Denial of Service September 20, 2006
Symantec AntiVirus Corporate Edition Elevation of Privilege September 13, 2006
Symantec Enterprise Security Manager Denial-of-Service August 18, 2006
Symantec NetBackup PureDisk: Non-Privileged User Authentication Bypass Elevation of Privilege August 16, 2006
Symantec Backup Exec for Windows Server: RPC Interface Heap Overflow, Authorized User Potential Elevation of Privilege August 11, 2006
Symantec On-Demand Protection Encrypted Data Exposure August 1, 2006
Symantec Brightmail AntiSpam Multiple Vulnerabilities July 27, 2006
Symantec Security Information Manager Authentication bypass June 13, 2006
Symantec Client Security and Symantec AntiVirus Elevation of Privilege May 25, 2006
Symantec Enterprise Firewall NAT/HTTP Proxy internal IP leakage May 10, 2006
Symantec Scan Engine Multiple Vulnerabilities April 21, 2006
Symantec LiveUpdate for Macintosh Local Privilege Escalation April 17, 2006
Veritas NetBackup: Multiple Overflow Vulnerabilities in NetBackup Daemons March 27, 2006
Veritas Backup Exec for Windows Servers: Media Server BENGINE Service Job log Format String Overflow March 17, 2006
Veritas Backup Exec: Application Memory Denial of Service March 17, 2006
Symantec Ghost: Local access vulnerabilities in Database March 7, 2006
Symantec Sygate Management Server: SMS Authentication Servlet SQL Injection February 1, 2006
Symantec Norton Protected Recycle Bin Exposure January 10, 2006
Symantec AntiVirus Decomposition Buffer Overflow December 21, 2005
Symantec pcAnywhere Denial of Service November 29, 2005
Symantec Dynamic VPN Services: ISAKMP Denial of Service November 21, 2005
VERITAS NetBackup 5.x: Buffer Overflow in Shared Library used by Volume Manager Daemon November 8, 2005
VERITAS Cluster Server for UNIX: Local Access Buffer Overflow November 8, 2005
Symantec Discovery Web Accounts Null Password October 24, 2005
Symantec LiveUpdate for Macintosh Local Privilege Escalation October 19, 2005
Symantec Norton AntiVirus for Macintosh DiskMountNotify Local Privilege Escalation October 19, 2005
Symantec Brightmail AntiSpam: Malformed MIME, Denial of Service October 12, 2005
VERITAS NetBackup: Java User-Interface, format string vulnerability October 12, 2005
Symantec Antivirus Scan Engine: Web Service Administrative Interface Buffer Overflow October 4, 2005
Symantec Brightmail AntiSpam: Nested Zip File, Denial of Service September 21, 2005
Symantec Brightmail AntiSpam: winmail.dat File, Denial of Service September 21, 2005
VERITAS Storage Exec DCOM Server Buffer Overflows September 19, 2005
Local LiveUpdate server username / password information revealed by client September 2, 2005
Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Privilege August 24, 2005
VERITAS Backup Exec for Windows Servers, VERITAS Backup Exec for NetWare Servers, and NetBackup for NetWare Media Server Option Remote Agent Authentication Vulnerability August 12, 2005
Symantec pcAnywhere (run on connect) privilege escalation June 10, 2005
Symantec Brightmail AntiSpam Static Database Password May 31, 2005
Symantec security gateway ICMP potential Denial of Service May 02, 2005
Symantec AntiVirus RAR archive bypass April 27, 2005
Denial of Service in Symantec Norton AntiVirus AutoProtect March 28, 2005
Symantec security gateway DNS redirection March 15, 2005
SMTP Binding Configuration Settings Bypassed February 28, 2005
Symantec UPX Parsing Engine Heap Overflow February 8, 2005
Symantec Completes Update of Microsoft's Graphic Device Interface Component (gdiplus.dll) January 18, 2005
Sun Alert ID 57591: Java Runtime Environment (JRE) January 4, 2005
Symantec Windows LiveUpdate Configuration Options Elevation of Privilege December 13, 2004
Symantec Windows LiveUpdate potential for minor Denial of Service and Directory Traversal November 23, 2004
Symantec Norton AntiVirus Auto-Protect Alert Notification Limited Denial of Service November 10, 2004
Symantec Norton AntiVirus MS-DOS Reserve Device Name Handling October 5, 2004
Symantec ON Command CCM/ON iCommand Default Passwords Can Provide Unauthorized Access September 29, 2004
Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues September 22, 2004
Symantec IPsec/ISAKMP VPN Buffer Overflow August 26, 2004
Symantec Clientless VPN Gateway 4400 Series v5.0 Hotfix August 13, 2004
Symantec Gateway Security Products DNS Cache Poisoning Vulnerability June 21, 2004
Symantec Norton AntiVirus 2004 ActiveX Control Vulnerability May 20, 2004
Symantec Client Firewall Remote Access and Denial of Service Issues May 12, 2004
Symantec Client Firewall Denial of Service Vulnerability April 20, 2004
Symantec AntiVirus Scan Engine Potential Race Condition Vulnerability March 22, 2004
Symantec Norton Internet Security and Norton AntiSpam Remote Access Vulnerability March 19, 2004
Symantec Firewall/VPN Appliance Cached Password Vulnerability March 2, 2004
Symantec Gateway Security 5400 Series Cross-Site Scripting Vulnerability March 2, 2004
Symantec Web Security Cross-Site Scripting Vulnerability January 13, 2004
Symantec Automatic LiveUpdate Local User Elevation of Privilege January 12, 2004
Symantec pcAnywhere Chat Mode Privilege Elevation November 21, 2003
Symantec pcAnywhere Service-Mode Help File Elevation of Privilege November 13, 2003
Symantec Norton Internet Security (NIS) Blocked Site Return Messages Not Properly Validated October 27, 2003
Win32 Device Drivers Communication Vulnerabilities August 8, 2003
Denial of Service Vulnerability in Symantec Quarantine Server July 28, 2003
Symantec Norton AntiVirus Corporate Edition - Issue with Windows XP and floppy disk scan July 1, 2003
Symantec Security Check ActiveX Buffer Overflow June 25, 2003
Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability February 28, 2003
Symantec Norton Internet Security ICMP Packet Flood Denial Of Service Vulnerability January 17, 2003
Symantec Enterprise Firewall: Unexpected RealAudio Service Termination December 12, 2002
Symantec Norton AntiVirus Corporate Edition 7.x Help File Elevation of Privilege October 15, 2002
Symantec Enterprise Firewall Secure Webserver info leak October 13, 2002
Symantec Firewall Secure Webserver timeout DoS October 13, 2002
Fragmented MIME messages bypass SMTP scanners September 10, 2002
Symantec Enterprise Firewall TCP Initial Sequence Number Randomization August 5, 2002
Symantec Personal and Desktop Firewall Denial of Service Buffer Overflow July 15, 2002
Symantec Enterprise Firewall out-of-band authentication (OOBA) denial of service hardening July 3, 2002
Symantec Intruder Alert Denial of Service in the snmptrap.exe module July 2, 2002
Symantec Norton Personal Firewall 2002 SYN/FIN scan issue May 16, 2002
Symantec Enterprise Firewall FTP Bounce Attack April 17, 2002
Symantec Norton AntiVirus 2002 Incoming Email Scan Bypass April 3, 2002
Symantec Norton AntiVirus Email Protection Bypass March 7, 2002
Symantec Norton AntiVirus Corporate Edition 7.x local LiveUpdate Server login information in clear February 28, 2002
Symantec Enterprise Firewall SMTP Proxy Issues February 20, 2002
Symantec Enterprise Firewall SNMP Notify Daemon drops alerts February 20, 2002
Firewall log file permissions and file sharing parameters allow unauthorized log file access and modification January 22, 2002
Symantec LiveUpdate 1.4 through 1.6 vulnerability October 5, 2001
Norton AntiVirus 2002 Beta Security Issues July 24, 2001
Symantec LiveUpdate 1.5x Proxy Password Issues July 20, 2001
Symantec NetProwler 3.5.x MySQL Database Configuration Allows Possible Remote Access May 8, 2001