CVE-2016-5308
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
12/07/2016
Last modified:
12/04/2025
Description
The Client Intrusion Detection System (CIDS) driver before 15.0.6 in Symantec Endpoint Protection (SEP) and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service (memory corruption and system crash) via a malformed Portable Executable (PE) file.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Base Score 2.0
7.10
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:symantec:client_intrusion_detection_system:*:*:*:*:*:*:*:* | 15.1.2 (excluding) | |
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:symantec:client_intrusion_detection_system:*:*:*:*:*:*:*:* | 15.0.6 (excluding) | |
| cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/91608
- http://www.securitytracker.com/id/1036264
- http://www.securitytracker.com/id/1036265
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_01
- http://www.securityfocus.com/bid/91608
- http://www.securitytracker.com/id/1036264
- http://www.securitytracker.com/id/1036265
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_01