Skip to main content

Message Gateway

9 CVEs product

Monthly

CVE-2019-12751 CRITICAL Act Now

Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Message Gateway
NVD
CVSS 3.0
9.8
EPSS
2.3%
CVE-2017-6328 HIGH POC This Week

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Message Gateway
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
0.9%
CVE-2016-3646 HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.0%.

RCE Denial Of Service Microsoft Norton Security Protection Engine +16
NVD Exploit-DB
CVSS 3.0
8.4
EPSS
26.0%
Threat
4.0
CVE-2016-3645 CRITICAL POC THREAT Emergency

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.6%.

Buffer Overflow Microsoft Norton Security Protection Engine Advanced Threat Protection +15
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
75.6%
Threat
5.7
CVE-2016-3644 HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.0%.

Denial Of Service RCE Buffer Overflow Microsoft Norton Security +17
NVD Exploit-DB
CVSS 3.0
8.4
EPSS
29.0%
Threat
4.1
CVE-2016-2211 HIGH This Week

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Mail Security For Microsoft Exchange +17
NVD
CVSS 3.0
7.8
EPSS
9.7%
CVE-2016-2210 HIGH POC THREAT Act Now

Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.1%.

RCE Buffer Overflow Microsoft Mail Security For Microsoft Exchange Norton Power Eraser +16
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
29.1%
CVE-2016-2209 HIGH POC THREAT Act Now

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway;. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.1%.

RCE Buffer Overflow Microsoft Mail Security For Microsoft Exchange Norton Power Eraser +16
NVD Exploit-DB
CVSS 3.0
7.3
EPSS
29.1%
CVE-2016-2207 HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.2%.

RCE Denial Of Service Microsoft Mail Security For Microsoft Exchange Norton Power Eraser +16
NVD Exploit-DB
CVSS 3.0
8.4
EPSS
50.2%
Threat
4.7
EPSS 2% CVSS 9.8
CRITICAL Act Now

Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Message Gateway
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Message Gateway
NVD Exploit-DB
EPSS 26% 4.0 CVSS 8.4
HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 26.0%.

RCE Denial Of Service Microsoft +18
NVD Exploit-DB
EPSS 76% 5.7 CVSS 9.8
CRITICAL POC THREAT Emergency

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.6%.

Buffer Overflow Microsoft Norton Security +17
NVD Exploit-DB
EPSS 29% 4.1 CVSS 8.4
HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.0%.

Denial Of Service RCE Buffer Overflow +19
NVD Exploit-DB
EPSS 10% CVSS 7.8
HIGH This Week

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow +19
NVD
EPSS 29% CVSS 7.3
HIGH POC THREAT Act Now

Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.1%.

RCE Buffer Overflow Microsoft +18
NVD Exploit-DB
EPSS 29% CVSS 7.3
HIGH POC THREAT Act Now

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway;. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 29.1%.

RCE Buffer Overflow Microsoft +18
NVD Exploit-DB
EPSS 50% 4.7 CVSS 8.4
HIGH POC THREAT Act Now

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 50.2%.

RCE Denial Of Service Microsoft +18
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy