Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2005-0249

CVE information

Published

17 years ago

Last Modified

3 years ago

CVSSv2.0 Severity

High

Impact Analysis

Description

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header..

CVSSv2.0 Score

Severity
High
Base Score
7.5/10
Exploit Score
10/10
Access Vector
Network
Access Complexity
Low
Authentication Required
None
Impact Score
6.4/10
Confidentiality Impact
Partial
Availability Impact
Partial
Integrity Impact
Partial

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:a:symantec:norton_internet_security:2004:*:professio
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:
  Yes
- -
cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:o
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:
  Yes
- -
cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336
  Yes
- -
cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:a
  Yes
- -
cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:antivirus_scan_engine:*:*:*:*:*:*:*:*
  Yes
- 4.3.3
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:
  Yes
- -
cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*
  Yes
- -
cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporat
  Yes
- -
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:
  Yes
- -
cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329
  Yes
- -
cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:
  Yes
- -
cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
  Yes
- -