The version of Symantec Endpoint Protection Client installed on the remote host is 12.1 prior to 12.1 RU6 MP5. It is, therefore, affected by multiple vulnerabilities :

  - An array indexing error exists in the UnRAR component in     the Unpack::ShortLZ() function in unpack15.cpp that is     triggered when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted RAR file, to corrupt memory, resulting     in the execution of arbitrary code. (CVE-2016-2207)

  - An overflow condition exists when handling PowerPoint     documents due to improper validation of user-supplied     input when handling a misaligned stream-cache. An     unauthenticated, remote attacker can exploit this, via a     specially crafted PPT file, to cause a stack-based     buffer overflow, resulting in the execution of arbitrary     code. (CVE-2016-2209)

  - An overflow condition exists in the     CSymLHA::get_header() function in Dec2LHA.dll that is     triggered when decompressing LZH and LHA archives. An     unauthenticated, remote attacker can exploit this, via a     specially crafted file, to cause a stack-based buffer     overflow, resulting in the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple flaws exist in the libmspack library due to     improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these     issues, via a specially crafted file, to crash processes     linked against the library or execute arbitrary code.
    (CVE-2016-2211)

  - An overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a heap-based buffer overflow, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An array indexing error exists in the scan engine     decomposer in the LPkOldFormatDecompressor::UnShrink()     function that is triggered when decoding ZIP archives.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted ZIP file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function in     Dec2TNEF.dll that is triggered when decoding TNEF files.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted TNEF file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3646)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Symantec Protection Engine installed on the remote host is 7.0.x prior to 7.0.5 HF01, 7.5.x prior to 7.5.3 HF03, or 7.8.x prior to 7.8.0 HF01. It is, therefore, affected by multiple vulnerabilities :

  - An array indexing error exists in the Unpack::ShortLZ()     function within file unpack15.cpp due to improper     validation of input when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via     a specially crafted file, to corrupt memory, resulting     in a denial of service condition or the execution of     arbitrary code. (CVE-2016-2207)

  - A stack-based buffer overflow condition exists when     handling PowerPoint files due to improper validation of     user-supplied input while handling misaligned stream     caches. An unauthenticated, remote attacker can exploit     this, via a specially crafted PPT file, to cause a     denial of service condition or the execution of     arbitrary code. (CVE-2016-2209)

  - A stack-based buffer overflow condition exists in the     CSymLHA::get_header() function within file Dec2LHA.dll     due to improper validation of user-supplied input when     decompressing LZH and LHA archive files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted archive file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple unspecified flaws exist in libmspack library     due to improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these, via     a specially crafted CAB file, to corrupt memory,     resulting in a denial of service condition or the     execution of arbitrary code. (CVE-2016-2211)

  - A heap buffer overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function within file     Dec2TNEF.dll due to improper validation of user-supplied     input when decoding TNEF files. An unauthenticated,     remote attacker can exploit this, via a specially     crafted TNEF file, to cause a denial of service     condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An array indexing error exists in the     ALPkOldFormatDecompressor::UnShrink() function within     the scan engine decomposer due to improper validation of     input when decoding ZIP files. An unauthenticated,     remote attacker can exploit this, via a specially     crafted ZIP file, to corrupt memory, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3646)

The version of Symantec Mail Security for Exchange or Domino installed on the remote Windows host is affected by multiple vulnerabilities in the decomposer engine :

  - An array indexing error exists in the UnRAR component in     the Unpack::ShortLZ() function in unpack15.cpp that is     triggered when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted RAR file, to corrupt memory, resulting     in the execution of arbitrary code. (CVE-2016-2207)

  - An overflow condition exists when handling PowerPoint     documents due to improper validation of user-supplied     input when handling a misaligned stream-cache. An     unauthenticated, remote attacker can exploit this, via a     specially crafted PPT file, to cause a stack-based     buffer overflow, resulting in the execution of arbitrary     code. (CVE-2016-2209)

  - An overflow condition exists in the     CSymLHA::get_header() function in Dec2LHA.dll that is     triggered when decompressing LZH and LHA archives. An     unauthenticated, remote attacker can exploit this, via a     specially crafted file, to cause a stack-based buffer     overflow, resulting in the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple flaws exist in the libmspack library due to     improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these     issues, via a specially crafted file, to crash processes     linked against the library or execute arbitrary code.
    (CVE-2016-2211)

  - An overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a heap-based buffer overflow, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An array indexing error exists in the scan engine     decomposer in the LPkOldFormatDecompressor::UnShrink()     function that is triggered when decoding ZIP archives.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted ZIP file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function in     Dec2TNEF.dll that is triggered when decoding TNEF files.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted TNEF file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3646)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Symantec Protection for SharePoint Servers installed on the remote host is 6.0.3 to 6.0.5 prior to HF1.5 or 6.0.6 prior to HF1.6. It is, therefore, affected by multiple vulnerabilities :

  - An array indexing error exists in the Unpack::ShortLZ()     function within file unpack15.cpp due to improper     validation of input when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via     a specially crafted file, to corrupt memory, resulting     in a denial of service condition or the execution of     arbitrary code. (CVE-2016-2207)

  - A stack-based buffer overflow condition exists when     handling PowerPoint files due to improper validation of     user-supplied input while handling misaligned stream     caches. An unauthenticated, remote attacker can exploit     this, via a specially crafted PPT file, to cause a     denial of service condition or the execution of     arbitrary code. (CVE-2016-2209)

  - A stack-based buffer overflow condition exists in the     CSymLHA::get_header() function within file Dec2LHA.dll     due to improper validation of user-supplied input when     decompressing LZH and LHA archive files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted archive file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple unspecified flaws exist in libmspack library     due to improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these, via     a specially crafted CAB file, to corrupt memory,     resulting in a denial of service condition or the     execution of arbitrary code. (CVE-2016-2211)

  - A heap buffer overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function within file     Dec2TNEF.dll due to improper validation of user-supplied     input when decoding TNEF files. An unauthenticated,     remote attacker can exploit this, via a specially     crafted TNEF file, to cause a denial of service     condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An array indexing error exists in the     ALPkOldFormatDecompressor::UnShrink() function within     the scan engine decomposer due to improper validation of     input when decoding ZIP files. An unauthenticated,     remote attacker can exploit this, via a specially     crafted ZIP file, to corrupt memory, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3646)

According to its self-reported version number, the Symantec Messaging Gateway (SMG) running on the remote host is 10.x prior to 10.6.1-4. It is, therefore, affected by multiple vulnerabilities :

  - An array indexing error exists in the UnRAR component in     the Unpack::ShortLZ() function in unpack15.cpp that is     triggered when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted RAR file, to corrupt memory, resulting     in the execution of arbitrary code. (CVE-2016-2207)

  - An overflow condition exists when handling PowerPoint     documents due to improper validation of user-supplied     input when handling a misaligned stream-cache. An     unauthenticated, remote attacker can exploit this, via a     specially crafted PPT file, to cause a stack-based     buffer overflow, resulting in the execution of arbitrary     code. (CVE-2016-2209)

  - An overflow condition exists in the     CSymLHA::get_header() function in Dec2LHA.dll that is     triggered when decompressing LZH and LHA archives. An     unauthenticated, remote attacker can exploit this, via a     specially crafted file, to cause a stack-based buffer     overflow, resulting in the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple flaws exist in the libmspack library due to     improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these     issues, via a specially crafted file, to crash processes     linked against the library or execute arbitrary code.
    (CVE-2016-2211)

  - An overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a heap-based buffer overflow, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An array indexing error exists in the scan engine     decomposer in the LPkOldFormatDecompressor::UnShrink()     function that is triggered when decoding ZIP archives.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted ZIP file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function in     Dec2TNEF.dll that is triggered when decoding TNEF files.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted TNEF file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3646)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

According to its self-reported anti-virus definition version number, the remote web server is hosting a version of Symantec Web Gateway with an anti-virus definition version prior to 20160628.037. It is, therefore, affected by multiple vulnerabilities :

  - An array indexing error exists in the UnRAR component in     the Unpack::ShortLZ() function in unpack15.cpp that is     triggered when decompressing RAR files. An     unauthenticated, remote attacker can exploit this, via a     specially crafted RAR file, to corrupt memory, resulting     in the execution of arbitrary code. (CVE-2016-2207)

  - An overflow condition exists when handling PowerPoint     documents due to improper validation of user-supplied     input when handling a misaligned stream-cache. An     unauthenticated, remote attacker can exploit this, via a     specially crafted PPT file, to cause a stack-based     buffer overflow, resulting in the execution of arbitrary     code. (CVE-2016-2209)

  - An overflow condition exists in the     CSymLHA::get_header() function in Dec2LHA.dll that is     triggered when decompressing LZH and LHA archives. An     unauthenticated, remote attacker can exploit this, via a     specially crafted file, to cause a stack-based buffer     overflow, resulting in the execution of arbitrary code.
    (CVE-2016-2210)

  - Multiple flaws exist in the libmspack library due to     improper validation of user-supplied input. An     unauthenticated, remote attacker can exploit these     issues, via a specially crafted file, to crash processes     linked against the library or execute arbitrary code.
    (CVE-2016-2211)

  - An overflow condition exists in the     CMIMEParser::UpdateHeader() function due to improper     validation of user-supplied input when parsing MIME     messages. An unauthenticated, remote attacker can     exploit this, via a specially crafted MIME message, to     cause a heap-based buffer overflow, resulting in a     denial of service condition or the execution of     arbitrary code. (CVE-2016-3644)

  - An array indexing error exists in the scan engine     decomposer in the LPkOldFormatDecompressor::UnShrink()     function that is triggered when decoding ZIP archives.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted ZIP file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3645)

  - An integer overflow condition exists in the     Attachment::setDataFromAttachment() function in     Dec2TNEF.dll that is triggered when decoding TNEF files.
    An unauthenticated, remote attacker can exploit this,     via a specially crafted TNEF file, to cause a denial of     service condition or the execution of arbitrary code.
    (CVE-2016-3646)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Published	Updated	Severity
91895	Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP5 Multiple Vulnerabilities (SYM16-010)	Nessus	Windows	6/30/2016	11/14/2019	high
93344	Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010)	Nessus	Windows	9/7/2016	11/14/2019	high
91915	Symantec Mail Security for Exchange / Domino Decomposer Engine Multiple Vulnerabilities (SYM16-010)	Nessus	Windows	7/1/2016	11/19/2019	high
93408	Symantec Protection for SharePoint Servers 6.0.3 to 6.0.5 < HF1.5 / 6.0.6 < HF1.6 Multiple Vulnerabilities (SYM16-010)	Nessus	Windows	9/9/2016	11/14/2019	high
91896	Symantec Messaging Gateway 10.x < 10.6.1-4 Multiple Vulnerabilities (SYM16-010)	Nessus	CGI abuses	6/30/2016	11/19/2019	high
92001	Symantec Web Gateway Anti-Virus Definition < 20160628.037 Multiple Vulnerabilities (SYM16-010) (credentialed check)	Nessus	CGI abuses	7/12/2016	11/19/2019	high
93345	Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010) (*nix check)	Nessus	Misc.	9/7/2016	7/24/2024	high

Detections

Analytics

Plugins Search

high

high

high

high

high

high

high