CVE-2016-3644

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.

Published : 2016-06-30 23:59 Updated : 2019-07-16 12:23

10.0

CVSS Score More info

Score 10.0 / 10

Access vector NETWORK

A vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access. Such a vulnerability is often termed "remotely exploitable". An example of a network attack is an RPC buffer overflow.

Access complexity LOW

Specialized access conditions or extenuating circumstances do not exist. The following are examples:

The affected product typically requires access to a wide range of systems and users, possibly anonymous and untrusted (e.g., Internet-facing web or mail server).
The affected configuration is default or ubiquitous.
The attack can be performed manually and requires little skill or additional information gathering.
The race condition is a lazy one (i.e., it is technically a race but easily winnable).

CPE (73)
Tree view

Vendor	Product	Version	URI
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp4:~~~mac_os_x~~
Symantec	Norton Security	13.0.1	cpe:/a:symantec:norton_security:13.0.1::~~~mac_os_x~~
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp1
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp2
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp3
Symantec	Mail Security For Domino	8.0	cpe:/a:symantec:mail_security_for_domino:8.0
Symantec	Mail Security For Domino	8.0.1	cpe:/a:symantec:mail_security_for_domino:8.0.1
Symantec	Mail Security For Domino	8.0.2	cpe:/a:symantec:mail_security_for_domino:8.0.2
Symantec	Mail Security For Domino	8.0.3	cpe:/a:symantec:mail_security_for_domino:8.0.3
Symantec	Mail Security For Domino	8.0.5	cpe:/a:symantec:mail_security_for_domino:8.0.5
Symantec	Mail Security For Domino	8.0.6	cpe:/a:symantec:mail_security_for_domino:8.0.6
Symantec	Mail Security For Domino	8.0.7	cpe:/a:symantec:mail_security_for_domino:8.0.7
Symantec	Mail Security For Domino	8.0.8	cpe:/a:symantec:mail_security_for_domino:8.0.8
Symantec	Mail Security For Domino	8.1	cpe:/a:symantec:mail_security_for_domino:8.1
Symantec	Mail Security For Domino	8.1.1	cpe:/a:symantec:mail_security_for_domino:8.1.1
Symantec	Mail Security For Domino	8.1.2	cpe:/a:symantec:mail_security_for_domino:8.1.2
Symantec	Mail Security For Microsoft Exchange	7.0	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0
Symantec	Mail Security For Microsoft Exchange	7.0.1	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.1
Symantec	Mail Security For Microsoft Exchange	7.0.2	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.2
Symantec	Mail Security For Microsoft Exchange	7.0.3	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.3
Symantec	Mail Security For Microsoft Exchange	7.5	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5
Symantec	Mail Security For Microsoft Exchange	7.5.1	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.1
Symantec	Mail Security For Microsoft Exchange	7.5.2	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.2
Symantec	Mail Security For Microsoft Exchange	7.5.3	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.3
Symantec	Protection Engine	7.0.0	cpe:/a:symantec:protection_engine:7.0.0
Symantec	Protection Engine	7.0.1	cpe:/a:symantec:protection_engine:7.0.1
Symantec	Protection Engine	7.0.2	cpe:/a:symantec:protection_engine:7.0.2
Symantec	Protection Engine	7.0.3	cpe:/a:symantec:protection_engine:7.0.3
Symantec	Protection Engine	7.0.4	cpe:/a:symantec:protection_engine:7.0.4
Symantec	Protection Engine	7.5.0	cpe:/a:symantec:protection_engine:7.5.0
Symantec	Protection Engine	7.5.1	cpe:/a:symantec:protection_engine:7.5.1
Symantec	Protection Engine	7.5.2	cpe:/a:symantec:protection_engine:7.5.2
Symantec	Protection Engine	7.5.3	cpe:/a:symantec:protection_engine:7.5.3
Symantec	Protection For Sharepoint Servers	6.0	cpe:/a:symantec:protection_for_sharepoint_servers:6.0
Symantec	Protection For Sharepoint Servers	6.0.1	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.1
Symantec	Protection For Sharepoint Servers	6.0.2	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.2
Symantec	Protection For Sharepoint Servers	6.0.3	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.3
Symantec	Protection For Sharepoint Servers	6.0.4	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.4
Symantec	Protection For Sharepoint Servers	6.0.5	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.5
Symantec	Protection For Sharepoint Servers	6.0.6	cpe:/a:symantec:protection_for_sharepoint_servers:6.0.6
Symantec	Advanced Threat Protection	2.0.3	cpe:/a:symantec:advanced_threat_protection:2.0.3
Symantec	Protection Engine	7.5.4	cpe:/a:symantec:protection_engine:7.5.4
Symantec	Protection Engine	7.8.0	cpe:/a:symantec:protection_engine:7.8.0
Symantec	Data Center Security Server	6.0	cpe:/a:symantec:data_center_security_server:6.0:mp1
Symantec	Protection For Sharepoint Servers	6.03	cpe:/a:symantec:protection_for_sharepoint_servers:6.03
Symantec	Protection For Sharepoint Servers	6.04	cpe:/a:symantec:protection_for_sharepoint_servers:6.04
Symantec	Protection For Sharepoint Servers	6.05	cpe:/a:symantec:protection_for_sharepoint_servers:6.05
Symantec	Data Center Security Server	6.5	cpe:/a:symantec:data_center_security_server:6.5:mp1
Symantec	Data Center Security Server	6.6	cpe:/a:symantec:data_center_security_server:6.6:mp1
Symantec	Data Center Security Server	6.6	cpe:/a:symantec:data_center_security_server:6.6
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp4
Symantec	Norton 360		cpe:/a:symantec:norton_360
Symantec	Norton Antivirus		cpe:/a:symantec:norton_antivirus
Symantec	Norton Bootable Removal Tool	2016.0	cpe:/a:symantec:norton_bootable_removal_tool:2016.0
Symantec	Data Center Security Server	6.0	cpe:/a:symantec:data_center_security_server:6.0
Symantec	Mail Security For Microsoft Exchange	6.5.8	cpe:/a:symantec:mail_security_for_microsoft_exchange:6.5.8
Symantec	Ngc	22.6	cpe:/a:symantec:ngc:22.6
Symantec	Data Center Security Server	6.5	cpe:/a:symantec:data_center_security_server:6.5
Symantec	Mail Security For Microsoft Exchange	7.0.4	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.4
Symantec	Message Gateway	10.6.1-3	cpe:/a:symantec:message_gateway:10.6.1-3
Symantec	Mail Security For Microsoft Exchange	7.5.4	cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.4
Symantec	Norton Internet Security		cpe:/a:symantec:norton_internet_security
Symantec	Norton Security With Backup		cpe:/a:symantec:norton_security_with_backup
Symantec	Norton Power Eraser	5.0	cpe:/a:symantec:norton_power_eraser:5.0
Symantec	Mail Security For Domino	8.0.9	cpe:/a:symantec:mail_security_for_domino:8.0.9
Symantec	Endpoint Protection	12.1.6	cpe:/a:symantec:endpoint_protection:12.1.6:mp4:~~~linux~~
Symantec	Csapi	10.0.4	cpe:/a:symantec:csapi:10.0.4
Symantec	Mail Security For Domino	8.1.3	cpe:/a:symantec:mail_security_for_domino:8.1.3
Symantec	Message Gateway For Service Providers	10.5	cpe:/a:symantec:message_gateway_for_service_providers:10.5
Symantec	Message Gateway For Service Providers	10.6	cpe:/a:symantec:message_gateway_for_service_providers:10.6
Symantec	Norton Security		cpe:/a:symantec:norton_security
Symantec	Protection Engine	7.0.5	cpe:/a:symantec:protection_engine:7.0.5

Symantec (18) Search CVE
1. Norton Security With Backup (1) Search CVE
2. Endpoint Protection (1) Search CVE
  1. 12.1.6
3. Norton 360 (1) Search CVE
4. Norton Power Eraser (1) Search CVE
  1. 5.0
5. Norton Internet Security (1) Search CVE
6. Message Gateway For Service Providers (2) Search CVE
  1. 10.5
  2. 10.6
7. Mail Security For Domino (13) Search CVE
  1. 8.0
  2. 8.0.1
  3. 8.0.2
  4. 8.0.3
  5. 8.0.5
  6. 8.0.6
  7. 8.0.7
  8. 8.0.8
  9. 8.1
  10. 8.1.1
  11. 8.1.2
  12. 8.0.9
  13. 8.1.3
8. Protection For Sharepoint Servers (10) Search CVE
  1. 6.0
  2. 6.0.1
  3. 6.0.2
  4. 6.0.3
  5. 6.0.4
  6. 6.0.5
  7. 6.0.6
  8. 6.03
  9. 6.04
  10. 6.05
9. Mail Security For Microsoft Exchange (11) Search CVE
  1. 7.0
  2. 7.0.1
  3. 7.0.2
  4. 7.0.3
  5. 7.5
  6. 7.5.1
  7. 7.5.2
  8. 7.5.3
  9. 6.5.8
  10. 7.0.4
  11. 7.5.4
10. Data Center Security Server (3) Search CVE
  1. 6.0
  2. 6.5
  3. 6.6
11. Csapi (1) Search CVE
  1. 10.0.4
12. Advanced Threat Protection (1) Search CVE
  1. 2.0.3
13. Message Gateway (1) Search CVE
  1. 10.6.1-3
14. Ngc (1) Search CVE
  1. 22.6
15. Norton Antivirus (1) Search CVE
16. Norton Security (2) Search CVE
  1. 13.0.1
17. Protection Engine (12) Search CVE
  1. 7.0.0
  2. 7.0.1
  3. 7.0.2
  4. 7.0.3
  5. 7.0.4
  6. 7.5.0
  7. 7.5.1
  8. 7.5.2
  9. 7.5.3
  10. 7.5.4
  11. 7.8.0
  12. 7.0.5
18. Norton Bootable Removal Tool (1) Search CVE
  1. 2016.0

CWE

ID	Name	Description	Links
CWE-20	Improper Input Validation	The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program.		CVE

References

Source	Link
BID	http://www.securityfocus.com/bid/91431
SECTRACK	http://www.securitytracker.com/id/1036199
CONFIRM	https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00
SECTRACK	http://www.securitytracker.com/id/1036198
EXPLOIT-DB	https://www.exploit-db.com/exploits/40034/

History of changes

Date

Event

2019-07-16 12:23

CPEs changed

39 added

cpe:/a:symantec:endpoint_protection:12.1.6 (Symantec / Endpoint Protection)
cpe:/a:symantec:endpoint_protection:12.1.6:mp1 (Symantec / Endpoint Protection)
cpe:/a:symantec:endpoint_protection:12.1.6:mp2 (Symantec / Endpoint Protection)
cpe:/a:symantec:endpoint_protection:12.1.6:mp3 (Symantec / Endpoint Protection)
cpe:/a:symantec:mail_security_for_domino:8.0 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.1 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.2 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.3 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.5 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.6 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.7 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.0.8 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.1 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.1.1 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_domino:8.1.2 (Symantec / Mail Security For Domino)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.1 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.2 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.0.3 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.1 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.2 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:mail_security_for_microsoft_exchange:7.5.3 (Symantec / Mail Security For Microsoft Exchange)
cpe:/a:symantec:protection_engine:7.0.0 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.0.1 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.0.2 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.0.3 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.0.4 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.5.0 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.5.1 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.5.2 (Symantec / Protection Engine)
cpe:/a:symantec:protection_engine:7.5.3 (Symantec / Protection Engine)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.1 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.2 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.3 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.4 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.5 (Symantec / Protection For Sharepoint Servers)
cpe:/a:symantec:protection_for_sharepoint_servers:6.0.6 (Symantec / Protection For Sharepoint Servers)

1 removed

cpe:/a:symantec:protection_for_sharepoint_servers:6.06 (Symantec / Protection For Sharepoint Servers)

References changed

4 changed

https://www.exploit-db.com/exploits/40034/	UNKNOWN->VENDOR_ADVISORY
http://www.securitytracker.com/id/1036198	UNKNOWN->VENDOR_ADVISORY
http://www.securityfocus.com/bid/91431	UNKNOWN->VENDOR_ADVISORY
http://www.securitytracker.com/id/1036199	UNKNOWN->VENDOR_ADVISORY

2018-10-30 16:27

CPEs changed

2 added

cpe:/a:symantec:endpoint_protection:12.1.6:mp4:~~~mac_os_x~~ (Symantec / Endpoint Protection)
cpe:/a:symantec:norton_security:13.0.1::~~~mac_os_x~~ (Symantec / Norton Security)

2 removed

cpe:/a:symantec:endpoint_protection:12.1.6:mp4:~~~mac~~ (Symantec / Endpoint Protection)
cpe:/a:symantec:norton_security:13.0.1::~~~mac~~ (Symantec / Norton Security)

2017-09-03 05:58

References changed

1 added

EXPLOIT-DB

https://www.exploit-db.com/exploits/40034/

2017-09-01 06:00

References changed

2 added

SECTRACK	http://www.securitytracker.com/id/1036198
SECTRACK	http://www.securitytracker.com/id/1036199

2016-06-30 23:59

CVE-2016-3644

Score 10.0 / 10

Access vector NETWORK

Access complexity LOW

Authentication NONE

Confidentiality impact COMPLETE

Integrity impact COMPLETE

Availability impact COMPLETE

CWE

References

History of changes

CPEs changed

References changed

CPEs changed

References changed

References changed

New CVE