Vulnerability Details CVE-2004-0445
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.35
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 2.6
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
- http://secunia.com/advisories/11066
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
- http://securitytracker.com/id?1010144
- http://securitytracker.com/id?1010145
- http://securitytracker.com/id?1010146
- http://www.ciac.org/ciac/bulletins/o-141.shtml
- http://www.kb.cert.org/vuls/id/682110
- http://www.osvdb.org/6100
- http://www.securityfocus.com/bid/10336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16132
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/021359.html
- http://secunia.com/advisories/11066
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
- http://securitytracker.com/id?1010144
- http://securitytracker.com/id?1010145
- http://securitytracker.com/id?1010146
- http://www.ciac.org/ciac/bulletins/o-141.shtml
- http://www.kb.cert.org/vuls/id/682110
- http://www.osvdb.org/6100
- http://www.securityfocus.com/bid/10336
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16132
Products affected by CVE-2004-0445
-
cpe:2.3:a:symantec:client_firewall:5.01
-
cpe:2.3:a:symantec:client_firewall:5.1.1
-
cpe:2.3:a:symantec:client_security:1.0
-
cpe:2.3:a:symantec:client_security:1.1
-
cpe:2.3:a:symantec:client_security:1.2
-
cpe:2.3:a:symantec:client_security:1.3
-
cpe:2.3:a:symantec:client_security:1.4
-
cpe:2.3:a:symantec:client_security:1.5
-
cpe:2.3:a:symantec:client_security:1.6
-
cpe:2.3:a:symantec:client_security:1.7
-
cpe:2.3:a:symantec:client_security:1.8
-
cpe:2.3:a:symantec:client_security:1.9
-
cpe:2.3:a:symantec:client_security:2.0
-
cpe:2.3:a:symantec:norton_antispam:2004
-
cpe:2.3:a:symantec:norton_internet_security:2002
-
cpe:2.3:a:symantec:norton_internet_security:2003
-
cpe:2.3:a:symantec:norton_internet_security:2004
-
cpe:2.3:a:symantec:norton_personal_firewall:2002
-
cpe:2.3:a:symantec:norton_personal_firewall:2003
-
cpe:2.3:a:symantec:norton_personal_firewall:2004