NVD

Id
46212  
Name
CVE-2012-4953  
Description
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-11-14  
Modified Date
2013-03-11  
Seq
2012-4953  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
231741 46212 CVE-2012-4953 VU#985625  View
231742 46212 CVE-2012-4953 56399  View
231743 46212 CVE-2012-4953 1027726  View
231744 46212 CVE-2012-4953 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29561 JVNDB-2012-005268 複数の Symantec 製品に脆弱性 Symantec 製の複数のアンチウィルス製品には、CAB ファイルの処理に脆弱性が存在します。 CVE-2012-4953 58191 CVE-2012-4953 46212 9.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005268.html 2012-11-06 2012-11-30 View