Symantec

Messaging Gateway

25 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2017-6324

  • EPSS 0.45%
  • Published 26.06.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. This constitutes...

10

CVE-2017-6326

  • EPSS 70.46%
  • Published 26.06.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process.

6.6

CVE-2017-6325

  • EPSS 3.6%
  • Published 26.06.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a ...

6.5

CVE-2016-5312

Exploit
  • EPSS 40.03%
  • Published 14.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the sn parameter to brightmail/servlet/com.ve.kavachart.servlet.Ch...

5.5

CVE-2016-5310

Exploit
  • EPSS 7.96%
  • Published 14.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6...

5.5

CVE-2016-5309

Exploit
  • EPSS 8.03%
  • Published 14.04.2017 18:59:00
  • Last modified 20.04.2025 01:37:25

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6...

8.2

CVE-2016-2204

  • EPSS 0.15%
  • Published 22.04.2016 18:59:06
  • Last modified 12.04.2025 10:46:40

The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.

7.8

CVE-2016-2203

Exploit
  • EPSS 29.57%
  • Published 22.04.2016 18:59:05
  • Last modified 12.04.2025 10:46:40

The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.

4.3

CVE-2014-1648

Exploit
  • EPSS 0.53%
  • Published 23.04.2014 11:52:59
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x before 10.5.2 allows remote attackers to inject arbitrary web script or HTML via the displa...

5

CVE-2012-4347

Exploit
  • EPSS 69.71%
  • Published 05.12.2012 11:57:14
  • Last modified 11.04.2025 00:51:21

Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/e...