Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for norton_antivirus_with_backup by symantec

    CVE-2016-5311 (GCVE-0-2016-5311)

    Vulnerability from nvd – Published: 2020-01-09 19:30 – Updated: 2024-08-06 01:00
    VLAI
    Summary
    A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
    Severity
    No CVSS data available.
    CWE
    • untrusted search path
    Assigner
    Date Public
    2016-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:00:58.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94295"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037325"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
              "vendor": "Symantec",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 22.7"
                }
              ]
            },
            {
              "product": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
              "vendor": "Symantec",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 22.8.0.50"
                }
              ]
            }
          ],
          "datePublic": "2016-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "untrusted search path",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-09T19:30:52.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/94295"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037325"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2016-5311",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 22.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 22.8.0.50"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Symantec"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "untrusted search path"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.securityfocus.com/bid/94295",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/94295"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037323",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037323"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037324",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037324"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037325",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037325"
                },
                {
                  "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00",
                  "refsource": "CONFIRM",
                  "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2016-5311",
        "datePublished": "2020-01-09T19:30:52.000Z",
        "dateReserved": "2016-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:00:58.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-5311 (GCVE-0-2016-5311)

    Vulnerability from cvelistv5 – Published: 2020-01-09 19:30 – Updated: 2024-08-06 01:00
    VLAI
    Summary
    A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
    Severity
    No CVSS data available.
    CWE
    • untrusted search path
    Assigner
    Date Public
    2016-08-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T01:00:58.618Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94295"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037323"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037324"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037325"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
              "vendor": "Symantec",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 22.7"
                }
              ]
            },
            {
              "product": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
              "vendor": "Symantec",
              "versions": [
                {
                  "status": "affected",
                  "version": "before 22.8.0.50"
                }
              ]
            }
          ],
          "datePublic": "2016-08-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "untrusted search path",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-09T19:30:52.000Z",
            "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
            "shortName": "symantec"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securityfocus.com/bid/94295"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037323"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037324"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.securitytracker.com/id/1037325"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@symantec.com",
              "ID": "CVE-2016-5311",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 22.7"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before 22.8.0.50"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Symantec"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "untrusted search path"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.securityfocus.com/bid/94295",
                  "refsource": "MISC",
                  "url": "http://www.securityfocus.com/bid/94295"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037323",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037323"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037324",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037324"
                },
                {
                  "name": "http://www.securitytracker.com/id/1037325",
                  "refsource": "MISC",
                  "url": "http://www.securitytracker.com/id/1037325"
                },
                {
                  "name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00",
                  "refsource": "CONFIRM",
                  "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "assignerShortName": "symantec",
        "cveId": "CVE-2016-5311",
        "datePublished": "2020-01-09T19:30:52.000Z",
        "dateReserved": "2016-06-06T00:00:00.000Z",
        "dateUpdated": "2024-08-06T01:00:58.618Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }