Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2007-3771
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of service (service crash) via a long (1) To, (2) From, or (3) Subject header in an outbound SMTP e-mail message. NOTE: the original vendor advisory referenced CVE-2006-3456, but this was an error..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.6/10
- Exploit Score
- 3.1/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- Single
- Impact Score
- 6.9/10
- Confidentiality Impact
- None
- Availability Impact
- Complete
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.1.1000:*:corporate:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate:*:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate:*:*:*: |
Yes
|
- | - | |
cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate: |
Yes
|
- | - |
References
- http://www.securityfocus.com/bid/24802
- http://securitytracker.com/id?1018367
- http://securitytracker.com/id?1018371
- http://secunia.com/advisories/26036
- http://osvdb.org/36115
- http://www.vupen.com/english/advisories/2007/2506
- http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35354