 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105783 |
| Categoría: | Web application abuses |
| Título: | Symantec Messaging Gateway Decomposer Engine Multiple Parsing Vulnerabilities (SYM16-010) |
| Resumen: | Parsing of maliciously-formatted container files may cause; memory corruption, integer overflow or buffer overflow in Symantecs Decomposer engine. |
| Descripción: | Summary: Parsing of maliciously-formatted container files may cause memory corruption, integer overflow or buffer overflow in Symantecs Decomposer engine. Vulnerability Insight: In the TNEF unpacker, the overflow does not result in any detrimental actions due to underlying code. However this was an exposure due to improper implementation that could potentially be leveraged further, at some point, by a malicious individual. As such, it also was addressed in the engine update. Vulnerability Impact: Successful exploitation of these vulnerabilities typically results in an application-level denial of service but could result in arbitrary code execution. An attacker could potentially run arbitrary code by sending a specially crafted file to a user. Affected Software/OS: Symantec Messaging Gateway version 10.6.1-3 and prior. Solution: Update to version 10.6.1-4 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-2207 BugTraq ID: 91434 http://www.securityfocus.com/bid/91434 https://www.exploit-db.com/exploits/40031/ http://www.securitytracker.com/id/1036198 http://www.securitytracker.com/id/1036199 Common Vulnerability Exposure (CVE) ID: CVE-2016-2209 BugTraq ID: 91436 http://www.securityfocus.com/bid/91436 https://www.exploit-db.com/exploits/40037/ Common Vulnerability Exposure (CVE) ID: CVE-2016-2210 BugTraq ID: 91437 http://www.securityfocus.com/bid/91437 https://www.exploit-db.com/exploits/40032/ Common Vulnerability Exposure (CVE) ID: CVE-2016-2211 BugTraq ID: 91438 http://www.securityfocus.com/bid/91438 Common Vulnerability Exposure (CVE) ID: CVE-2016-3644 BugTraq ID: 91431 http://www.securityfocus.com/bid/91431 https://www.exploit-db.com/exploits/40034/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3645 BugTraq ID: 91439 http://www.securityfocus.com/bid/91439 https://www.exploit-db.com/exploits/40035/ Common Vulnerability Exposure (CVE) ID: CVE-2016-3646 BugTraq ID: 91435 http://www.securityfocus.com/bid/91435 https://www.exploit-db.com/exploits/40036/ |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |