Vulnerability Details CVE-2016-5308
The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE) file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 81.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 7.1
References
- http://www.securityfocus.com/bid/91608
- http://www.securitytracker.com/id/1036264
- http://www.securitytracker.com/id/1036265
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_01
- http://www.securityfocus.com/bid/91608
- http://www.securitytracker.com/id/1036264
- http://www.securitytracker.com/id/1036265
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_01
Products affected by CVE-2016-5308
-
cpe:2.3:a:symantec:client_intrusion_detection_system:*
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista