Symantec Messaging_gateway
16 CVEs affecting Symantec Messaging_gateway. Latest disclosed: 2017-12-20. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6326 | Critical | 10.0 | 2017-06-26 | The Symantec Messaging Gateway can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to exe… |
CVE-2016-2204 | High | 8.2 | 2016-04-22 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-… |
CVE-2016-2203 | High | 7.8 | 2016-04-22 | The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveragin… |
CVE-2017-6324 | High | 7.3 | 2017-06-26 | The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro th… |
CVE-2017-6325 | Medium | 6.6 | 2017-06-26 | The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applica… |
CVE-2016-5312 | Medium | 6.5 | 2017-04-14 | Directory traversal vulnerability in the charting component in Symantec Messaging Gateway before 10.6.2 allows remote authenticated users to read arbitrary fil… |
CVE-2017-15532 | Medium | 5.7 | 2017-12-20 | Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to ac… |
CVE-2016-5310 | Medium | 5.5 | 2017-04-14 | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec… |
CVE-2016-5309 | Medium | 5.5 | 2017-04-14 | The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec… |
CVE-2014-1648 | | 2014-04-23 | Cross-site scripting (XSS) vulnerability in brightmail/setting/compliance/DlpConnectFlow$view.flo in the management console in Symantec Messaging Gateway 10.x… | |
CVE-2012-4347 | | 2012-12-05 | Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbit… | |
CVE-2012-3581 | | 2012-08-29 | Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vecto… | |
CVE-2012-3580 | | 2012-08-29 | Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. | |
CVE-2012-3579 | | 2012-08-29 | Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged… | |
CVE-2012-0308 | | 2012-08-29 | Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of adminis… | |
CVE-2012-0307 | | 2012-08-29 | Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HT… |