CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9094

Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.4%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2016-9094

Symantec » Endpoint Protection » Version: N/A

cpe:2.3:a:symantec:endpoint_protection:-
Symantec » Endpoint Protection » Version: 11

cpe:2.3:a:symantec:endpoint_protection:11
Symantec » Endpoint Protection » Version: 11.0

cpe:2.3:a:symantec:endpoint_protection:11.0
Symantec » Endpoint Protection » Version: 11.0.1

cpe:2.3:a:symantec:endpoint_protection:11.0.1
Symantec » Endpoint Protection » Version: 11.0.2

cpe:2.3:a:symantec:endpoint_protection:11.0.2
Symantec » Endpoint Protection » Version: 11.0.3001

cpe:2.3:a:symantec:endpoint_protection:11.0.3001
Symantec » Endpoint Protection » Version: 11.0.4

cpe:2.3:a:symantec:endpoint_protection:11.0.4
Symantec » Endpoint Protection » Version: 11.0.6000

cpe:2.3:a:symantec:endpoint_protection:11.0.6000
Symantec » Endpoint Protection » Version: 11.0.6100

cpe:2.3:a:symantec:endpoint_protection:11.0.6100
Symantec » Endpoint Protection » Version: 11.0.6200

cpe:2.3:a:symantec:endpoint_protection:11.0.6200
Symantec » Endpoint Protection » Version: 11.0.6200.754

cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754
Symantec » Endpoint Protection » Version: 11.0.6300

cpe:2.3:a:symantec:endpoint_protection:11.0.6300
Symantec » Endpoint Protection » Version: 11.0.7

cpe:2.3:a:symantec:endpoint_protection:11.0.7
Symantec » Endpoint Protection » Version: 11.0.7.1

cpe:2.3:a:symantec:endpoint_protection:11.0.7.1
Symantec » Endpoint Protection » Version: 11.0.7.2

cpe:2.3:a:symantec:endpoint_protection:11.0.7.2
Symantec » Endpoint Protection » Version: 11.0.7.3

cpe:2.3:a:symantec:endpoint_protection:11.0.7.3
Symantec » Endpoint Protection » Version: 11.0.7000

cpe:2.3:a:symantec:endpoint_protection:11.0.7000
Symantec » Endpoint Protection » Version: 11.0.7100

cpe:2.3:a:symantec:endpoint_protection:11.0.7100
Symantec » Endpoint Protection » Version: 12.0

cpe:2.3:a:symantec:endpoint_protection:12.0
Symantec » Endpoint Protection » Version: 12.0.1001.95

cpe:2.3:a:symantec:endpoint_protection:12.0.1001.95
Symantec » Endpoint Protection » Version: 12.0.122.192

cpe:2.3:a:symantec:endpoint_protection:12.0.122.192
Symantec » Endpoint Protection » Version: 12.1

cpe:2.3:a:symantec:endpoint_protection:12.1
Symantec » Endpoint Protection » Version: 12.1.1

cpe:2.3:a:symantec:endpoint_protection:12.1.1
Symantec » Endpoint Protection » Version: 12.1.1.1

cpe:2.3:a:symantec:endpoint_protection:12.1.1.1
Symantec » Endpoint Protection » Version: 12.1.1000

cpe:2.3:a:symantec:endpoint_protection:12.1.1000
Symantec » Endpoint Protection » Version: 12.1.1000.157

cpe:2.3:a:symantec:endpoint_protection:12.1.1000.157
Symantec » Endpoint Protection » Version: 12.1.1101.401

cpe:2.3:a:symantec:endpoint_protection:12.1.1101.401
Symantec » Endpoint Protection » Version: 12.1.2

cpe:2.3:a:symantec:endpoint_protection:12.1.2
Symantec » Endpoint Protection » Version: 12.1.2.1

cpe:2.3:a:symantec:endpoint_protection:12.1.2.1
Symantec » Endpoint Protection » Version: 12.1.2015.2015

cpe:2.3:a:symantec:endpoint_protection:12.1.2015.2015
Symantec » Endpoint Protection » Version: 12.1.2100.2093

cpe:2.3:a:symantec:endpoint_protection:12.1.2100.2093
Symantec » Endpoint Protection » Version: 12.1.3

cpe:2.3:a:symantec:endpoint_protection:12.1.3
Symantec » Endpoint Protection » Version: 12.1.3001.165

cpe:2.3:a:symantec:endpoint_protection:12.1.3001.165
Symantec » Endpoint Protection » Version: 12.1.4

cpe:2.3:a:symantec:endpoint_protection:12.1.4
Symantec » Endpoint Protection » Version: 12.1.4.1

cpe:2.3:a:symantec:endpoint_protection:12.1.4.1
Symantec » Endpoint Protection » Version: 12.1.4.1a

cpe:2.3:a:symantec:endpoint_protection:12.1.4.1a
Symantec » Endpoint Protection » Version: 12.1.4.1b

cpe:2.3:a:symantec:endpoint_protection:12.1.4.1b
Symantec » Endpoint Protection » Version: 12.1.4013.4013

cpe:2.3:a:symantec:endpoint_protection:12.1.4013.4013
Symantec » Endpoint Protection » Version: 12.1.4023.4080

cpe:2.3:a:symantec:endpoint_protection:12.1.4023.4080
Symantec » Endpoint Protection » Version: 12.1.4100.4126

cpe:2.3:a:symantec:endpoint_protection:12.1.4100.4126
Symantec » Endpoint Protection » Version: 12.1.4104.4130

cpe:2.3:a:symantec:endpoint_protection:12.1.4104.4130
Symantec » Endpoint Protection » Version: 12.1.4112.4156

cpe:2.3:a:symantec:endpoint_protection:12.1.4112.4156
Symantec » Endpoint Protection » Version: 12.1.4a

cpe:2.3:a:symantec:endpoint_protection:12.1.4a
Symantec » Endpoint Protection » Version: 12.1.5

cpe:2.3:a:symantec:endpoint_protection:12.1.5
Symantec » Endpoint Protection » Version: 12.1.5337.5000

cpe:2.3:a:symantec:endpoint_protection:12.1.5337.5000
Symantec » Endpoint Protection » Version: 12.1.6

cpe:2.3:a:symantec:endpoint_protection:12.1.6
Symantec » Endpoint Protection » Version: 12.1.6168.6000

cpe:2.3:a:symantec:endpoint_protection:12.1.6168.6000
Symantec » Endpoint Protection » Version: 12.1.6306.6100

cpe:2.3:a:symantec:endpoint_protection:12.1.6306.6100
Symantec » Endpoint Protection » Version: 12.1.6318.6100

cpe:2.3:a:symantec:endpoint_protection:12.1.6318.6100
Symantec » Endpoint Protection » Version: 12.1.6465.6200

cpe:2.3:a:symantec:endpoint_protection:12.1.6465.6200
Symantec » Endpoint Protection » Version: 12.1.6608.6300

cpe:2.3:a:symantec:endpoint_protection:12.1.6608.6300
Symantec » Endpoint Protection » Version: 12.1.671

cpe:2.3:a:symantec:endpoint_protection:12.1.671
Symantec » Endpoint Protection » Version: 12.1.671.4971

cpe:2.3:a:symantec:endpoint_protection:12.1.671.4971
Symantec » Endpoint Protection » Version: 12.1.6867.6400

cpe:2.3:a:symantec:endpoint_protection:12.1.6867.6400
Symantec » Endpoint Protection » Version: 12.1.7004.6500

cpe:2.3:a:symantec:endpoint_protection:12.1.7004.6500
Symantec » Endpoint Protection » Version: 12.1.7061.6600

cpe:2.3:a:symantec:endpoint_protection:12.1.7061.6600
Symantec » Endpoint Protection » Version: 12.1.7166.6700

cpe:2.3:a:symantec:endpoint_protection:12.1.7166.6700
Symantec » Endpoint Protection » Version: 12.1.7266.6800

cpe:2.3:a:symantec:endpoint_protection:12.1.7266.6800
Symantec » Endpoint Protection » Version: 12.1.7369.6900

cpe:2.3:a:symantec:endpoint_protection:12.1.7369.6900
Symantec » Endpoint Protection » Version: 12.1.7384.6902

cpe:2.3:a:symantec:endpoint_protection:12.1.7384.6902
Symantec » Endpoint Protection » Version: 12.1.7385.6902

cpe:2.3:a:symantec:endpoint_protection:12.1.7385.6902
Symantec » Endpoint Protection » Version: 12.1.7445.7000

cpe:2.3:a:symantec:endpoint_protection:12.1.7445.7000
Symantec » Endpoint Protection » Version: 12.1.7454.7000

cpe:2.3:a:symantec:endpoint_protection:12.1.7454.7000
Symantec » Endpoint Protection » Version: 12.1.7510.7002

cpe:2.3:a:symantec:endpoint_protection:12.1.7510.7002
Symantec » Endpoint Protection » Version: 14

cpe:2.3:a:symantec:endpoint_protection:14
Symantec » Endpoint Protection » Version: 14.0

cpe:2.3:a:symantec:endpoint_protection:14.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9094

Products

Pricing

Contact Us