CVE-2007-3095
First published: Wed Jun 06 2007(Updated: )
Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Client Security | =3.1 | |
| Symantec Client Security | =3.1.394 | |
| Symantec Client Security | =3.1.396 | |
| Symantec Client Security | =3.1.400 | |
| Symantec Client Security | =3.1.401 | |
| Symantec Norton Antivirus with Backup | =10.0.2.2021 | |
| Symantec Norton Antivirus with Backup | =10.1 | |
| Symantec Norton Antivirus with Backup | =10.1.396 | |
| Symantec Norton Antivirus with Backup | =10.1.400 | |
| Symantec Norton Antivirus with Backup | =10.1.401 | |
| Symantec Reporting Server | <=1.0.197.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/36107
- http://secunia.com/advisories/25543
- http://www.securityfocus.com/bid/24325
- http://www.securitytracker.com/id?1018196
- http://www.symantec.com/avcenter/security/Content/2007.06.05.html
- http://www.vupen.com/english/advisories/2007/2074
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34895
Frequently Asked Questions
What is the severity of CVE-2007-3095?
CVE-2007-3095 is classified as a vulnerability that allows attackers to disable the authentication system.
Which versions are affected by CVE-2007-3095?
CVE-2007-3095 affects Symantec Reporting Server versions up to 1.0.197.0 and various versions of Symantec Client Security and Norton Antivirus that precede 1.0.224.0 and 10.1 respectively.
How do I fix CVE-2007-3095?
To mitigate CVE-2007-3095, update to the latest versions of Symantec Reporting Server and the affected Symantec Client Security or Norton Antivirus products.
What impact can CVE-2007-3095 have on my system?
CVE-2007-3095 can allow attackers to bypass authentication, potentially leading to unauthorized access and control over the affected systems.
Is there any workaround for CVE-2007-3095?
There are no specific workarounds for CVE-2007-3095; updating the affected software is the recommended approach.
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/last-modified-date
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/symantec
- canonical/symantec client security
- version/symantec client security/3.1
- version/symantec client security/3.1.394
- version/symantec client security/3.1.396
- version/symantec client security/3.1.400
- version/symantec client security/3.1.401
- canonical/symantec norton antivirus with backup
- version/symantec norton antivirus with backup/10.0.2.2021
- version/symantec norton antivirus with backup/10.1
- version/symantec norton antivirus with backup/10.1.396
- version/symantec norton antivirus with backup/10.1.400
- version/symantec norton antivirus with backup/10.1.401
- canonical/symantec reporting server
- version/symantec reporting server/1.0.197.0