WelcomeEnterpriseSmall BusinessHome & Home OfficePartnersAbout Symantec
October 07, 2007
Symantec Network Security 7100 Series / 4.0 Security Update 88

Description

Run the LiveUpdate feature of Symantec Network Security to install the latest Engine Updates and Security Updates.

For information on LiveUpdate, see the Administration Guide: [ 7100 Series | 4.0 ]

Security Update 88 adds coverage for the following vulnerabilities and threats:

  • HTTP Apple QuickTime QTL Code Execution
  • HTTP Kodak Image Viewer Malformed TIFF Code Exec
  • HTTP LinkedIn Toolbar ActiveX BO
  • HTTP Macromedia Flash ActiveX DOS
  • HTTP MS Outlook ActiveX IE DoS
  • HTTP MS SharePoint Server XSS
  • HTTP MS SQL Server SQLDMO Activex BO
  • HTTP MS VDT DB Designer ActiveX BO
  • HTTP MS Virtual Machine Prog Exec
  • HTTP MS Visual Studio VB To VSI ActiveX File Overwrite
  • HTTP MS XML Core Services Info Disc
  • HTTP Norton 2004 ISAlert BO
  • HTTP Sun Java WebStart JNLP BO
  • HTTP Symantec Norton Ghost Remote DLL BO
  • HTTP Visual Studio PDWizard ActiveX Code Exec
  • HTTP Windows Shell User Unauth User Create
  • HTTP XunLei WebThunder DownURL2 ActiveX File Download
  • HTTP Zenturi DebugMsgLog ActiveX BO
  • MS Outlook Express NNTP XHDR DoS
  • MS RPC NTLM Auth DoS
  • Samba RPC spoolss SMBRun Cmd Exec
  • Symantec NetBackup Unauthorized Cmd Exec
  • UDP Apple Mac OSX mResponder BO
  • HTTP Yahoo! Messenger CYFT Control GetFile

Security Update 88 provides updated coverage for the following vulnerabilities and threats:

  • HTTP AWSTATS LoadPlugin Cmd Exec
  • HTTP AWSTATS Logfile Cmd Exec
  • HTTP AWSTATS LoadPlugin Cmd Exec
  • HTTP AWSTATS Logfile Cmd Exec
  • AwStats Logfile Input Validation Vul
  • HTTP AWSTATS Plugin Cmd Exec
  • HTTP AWStats Remote Cmd Exec
  • Biborb Directory Traversal
  • HTTP BookedSpace Activity
  • CWSIEFEATS Data Transfer
  • Ebates Moemoney Popup Activity
  • Ebates Moemoney Tracking Activity
  • HTTP Embed Tag NPDSPlay DLL BO
  • HTTP EzMeeting BO
  • HTTP FormMail Cmd Exec
  • FTP Generic Command Overflow
  • FTP GD Graphics PngLib BO
  • HTTP GD Graphics PngLib BO
  • NFS GD Graphics PngLib BO
  • HTTP HappyMall Member Cmd Exec
  • HTML WinHelp Item BO
  • HTTP ABXToolbar Activity
  • ActiveSearch Search Activity
  • Adbars Search Activity
  • Adblock Redirect Activity
  • Adblock Update Activity
  • HTTP A.I-Pifou Choix_langue.PHP Dir Trav
  • Alexa User Info Tracking
  • HTTP AltaVista DirTraversal
  • HTTP Anacondaclip Directory Traversal
  • HTTP Anaconda Directory Traversal
  • HTTP Annex Ping CGI DoS
  • HTTP Quicktime RTSP URI BO
  • HTTP Armada Traversal
  • HTTP Athena Web Registration Cmd Exec.
  • HTTP AtomicBoard Dir Traversal
  • HTTP BadBlue MFCISAPI Cmd BO
  • HTTP PHP MySQL Banner Exchange File Inc.
  • HTTP PHP MySQL Banner Exchange SQL Inj.
  • HTTP MS BizTalk DTA RemoteExec
  • HTTP BroadcastPC Activity
  • HTTP Cacti Graph Image Remote Exec
  • HTTP CakePHP Dir Trav
  • HTTP CGIEmail BO
  • HTTP WebCart Cmd Execution
  • HTTP CGI Count BO
  • HTTP O'Reilly webfind.exe BO
  • HTTP ANS PL CGI Dir. Traversal
  • HTTP Auktion CGI Dir. Traversal
  • HTTP BB Hist CGI Dir. Traversal
  • HTTP BB HostSvc Dir. Traversal
  • HTTP Bytes shopper.cgi Dir. Traversal
  • HTTP CGIForum Dir. Traversal
  • HTTP DirectoryPro Directory Traversal
  • HTTP CGI Recursion End MailMan Cmd Exec
  • HTTP Guestbook CGI Dir. Traversal
  • HTTP Hyperseek 2000 Dir. Traversal
  • HTTP iCat carbo.dll Dir. Traversal
  • HTTP idq.dll Directory Traversal
  • HTTP Interactive Story Dir Traversal
  • HTTP iPlanet Directory Traversal
  • HTTP iXmail CGI Dir. Traversal
  • HTTP JRun CGI Directory Traversal
  • HTTP Kebi Academy Directory Traversal
  • HTTP CGI Rec. Mailreader nph-mr.cgi
  • HTTP MRTG Directory Traversal
  • HTTP CGI Recursion MultiHTML
  • HTTP PHPMyFAQ Directory Traversal
  • HTTP Saxopress URL Param Dir Trav.
  • HTTP SendTemp Dir. Traversal
  • HTTP Sojourn Directory Traversal
  • HTTP SGLMerchant Dir. Traversal
  • HTTP Thinking Arts Dir Traversal
  • HTTP Tarantella TTAWebTop.CGI
  • Typo3 Translations.PHP File Disclosure
  • HTTP Microburst uStorekeeper Cmd Exec
  • HTTP Webfroot Shoutbox Dir. Traversal
  • HTTP TalentSoft WebPlus Dir. Traversal
  • HTTP SilverPlatter WebSPIRS File Disc.
  • HTTP web_store.cgi Dir. Traversal
  • HTTP Wordit Logbook.pl Cmd Exec
  • HTTP YaBB Dir. Traversal
  • HTTP Zentrack index.php Info Disc.
  • HTTP Abe Timmerman zml.cgi File Disc.
  • HTTP MartinHamilton File Disclosure
  • HTTP Virt Prog VP-ASP SQL Injection
  • Way-Board File Disclosure
  • HTTP Cloisterblog Journalpl Dir Trav
  • HTTP CDomainFree Rte File Exec.
  • HTTP Comm. Link Pro login.cgi Cmd Exec
  • HTTP Jammail Jammail.pl Cmd Execution
  • HTTP K-COLLECT csv_db.cgi Cmd. Exec
  • HTTP PHPBB Viewtopic Cmd. Exec
  • HTTP PHPOutsourcing Prod.PHP Cmd Exec.
  • HTTP WebAPP apage.cgi Cmd. Exec.
  • HTTP WPS wps_shop.cgi Cmd Exec
  • HTTP Cruiseworks Cws.exe Doc BO
  • HTTP Cruiseworks Cws Doc Dir. Trav
  • HTTP csSearch.cgi Cmd. Exec.
  • HTTP CSVForm Shell Escape
  • HTTP DirectAnimation KeyFrame Heap BO
  • HTTP DownloadPlus Activity
  • HTTP EasyGuppy Printfaq.PHP Dir Trav
  • Elitebar Control Information Activity
  • Elitebar Update Activity
  • HTTP Farsinews Dir Traversal
  • HTTP FileSeek CGI Script Remote Cmd Exec
  • HTTP FlashEnhancer Activity
  • HTTP Gallery Main.PHP Dir Trav
  • HTTP HappyMall Normal Cmd Exec
  • HTTP Home Free Dir Traversal
  • HTTP HP Jetadmin setinfo.hts Dir. Trav
  • HTTP ht://Dig Config File Include
  • HTTP htdig File Disclosure
  • HTTP htdig File Path Disclosure
  • HTTP MS IE CHM Cross-Domain Redirect
  • HTTP Iebar Activity
  • HTTP IEHlpr CCNNLC Update Activity
  • HTTP IEHlpr Register Activity
  • IEPlugin Activity
  • HTTP MS IE Help CTRL Local Zone Bypass
  • HTTP MS IFRAME JOB Share Redirect
  • HTTP MS IIS Showcode ASP Request
  • HTTP INL Ulog-PHP Sql Injection
  • Instafinder Reporting Mistyped URL
  • InvisionBoard SQL Injection
  • HTTP Kerio MailServer Username BO
  • HTTP LedgerSMB Dir Trav
  • HTTP listrec.pl Command Exec
  • HTTP Look2me Activity
  • HTTP LoveFreeGames Activity
  • LXR Cross Ref. Linux Directory Trav.
  • HTTP Margoc Activity
  • HTTP MatrixSearch Activity
  • HTTP McAfee Subscription Mgr Active BO
  • HTTP MiniVend CMD Exec
  • HTTP MondoSearch Source Disclosure
  • HTTP MoneyGainer Download Activity
  • HTTP MS showhelp CHM Download Attempt
  • HTTP MSIE CreateTextRange Code Exec
  • HTTP MSIE IsComponentInstalled BO
  • HTTP MS IE VML Fill Method BO
  • HTTP MSIE VML RecolorInfo Code Exec
  • HTTP MS CMS Information Disclosure
  • HTTP MS Publisher Malform File Code Exec
  • HTTP MS Visio Malformed File Code Exec
  • HTTP MS WMS ActiveX Remote Code Exec
  • HTTP Netref 4 Cat 4 Dir. Traversal
  • HTTP Nortel CGIProc Access
  • HTTP NX5Linkx SQL Injection
  • HTTP phpPhotoAlbum Dir Trav
  • HTTP O2Php Oxygen SQL Injection
  • HTTP OfferAgent Ad Popup Activity
  • HTTP OfferAgent Install Request
  • HTTP PHPBB URL Decode SQL Injection
  • HTTP PhpNuke Search Module SQL Injection
  • PHP Rocket Add-in Directory Traversal
  • HTTP PHP Website Index Dir Traversal
  • HTTP Psunami Bulletin Board Cmd Exec.
  • PurityScan Notification Activity
  • HTTP MDAC RDS Dataspace Rem Code Exec.
  • HTTP Technote Parameter File Disclosure
  • HTTP Remote File Include 4nAlbum
  • HTTP Remote File Include (Achievo)
  • HTTP AngelineCMS loadkernel File Include
  • HTTP Remote File Include (AWOL)
  • HTTP Remote File Include Basilix
  • HTTP Remote File Include (Blackboard)
  • HTTP Remote File Inc BlNews
  • HTTP Remote File Include (DCP Portal)
  • HTTP EasyDynamicPages Config File Incl.
  • HTTP Etheni File Include
  • HTTP Gallery File Include
  • HTTP IdeaBox Remote File Include
  • HTTP Remote File Include Informix
  • HTTP Remote File Inc. Invision Board
  • HTTP Kietu File Include
  • HTTP Remote File Include Mambo
  • HTTP Remote File Include (Mantis)
  • HTTP Mantis Remote Script Execution
  • HTTP Remote File Include (MediaWiki)
  • HTTP Remote File Include myphpPageTool
  • HTTP Nucleus Common.PHP File Include
  • HTTP Remote File Include (OCPortal)
  • HTTP Remote File Include (OSCommerce)
  • HTTP PHP-Address Remote File Include
  • HTTP Remote File Include (Pivot)
  • HTTP Remote File Include PMachine
  • HTTP RaXnet Cacti PHP File Include
  • HTTP Remote File Include (SIRGNU)
  • HTTP ttCMS News hdr.php File Inclusion
  • HTTP Webchat defines.php File Include
  • Webfroot Shoutbox Remote File Include
  • HTTP Remote File Include (W-Agora)
  • HTTP Zentrack Index.php File Include
  • HTTP ttCMS/Forum Remote File Inc.
  • HTTP Remote SQL Inject Battleaxe
  • HTTP Remote SQL Injection issProtect
  • HTTP Remote SQL Injection IMP
  • HTTP Remote SQL Injection InstaBoard
  • HTTP RRDBrowse File Parameter Dir. Trav
  • HTTP SalesLogix SQL Injection
  • HTTP SGI InfoSearch fname Exec
  • ShopAtHome Agent Installation Activity
  • ShopAtHome Agent Registration
  • Infostealer Snifula.B HTTP Activity
  • HTTP Squid Proxy cachemgr CGI Request
  • HTTP Super Site Searcher Cmd Exec.
  • HTTP Surfsidkick Info Upload
  • HTTP Sygate Policy Mgr SQL Injection
  • Tafbar Install File Request
  • HTTP Truegalerie Unauth Admin Access
  • HTTP Dell TrueMobile Remote Cred Reset
  • HTTP TrustInPopups Activity
  • HTTP Vanish Activity
  • HTTP vBulletin PHP misc.php Code Exec
  • HTTP VMWare ActiveX Control BO
  • HTTP IRIX webdist CGI Cmd Exec
  • HTTP Webext Install Activity
  • WhenU Installation Activity
  • WhenU Update Events
  • HTTP WikkiTikkiTavi Remote File Include
  • HTTP Winpup Activity
  • HTTP WP-DB Backup Wordpress Dir Trav.
  • HTTP Wordpress PHP File Include
  • WordPress SQL Injection (HTTP)
  • HTTP WorldSearch Activity
  • HTTP W32.Mixor Worm Activity
  • HTTP Xaraya Dir. Traversal
  • HTTP XMLHTTP SetRequestHeader Exec
  • HTTP XSTAT PHPInfo Disclosure
  • HTTP XunLei WebThunder ActiveX Download
  • HTTP Yahoo Voice Chat ActiveX BO
  • HTTP ZQuest Activity
  • HTTP IEDriver Popup Activity
  • Incredifind Redirect Activity
  • ISearch Mistyped URL Hijack Attempt
  • ISTBar Fav Menu Porn Site Request
  • LinkMaker Activity
  • Look2ME Updates
  • MediaWiki Language Option PHP Code Exec
  • MedLoad Logging Activity
  • MS DHCP MAC Exec DoS
  • HTTP MS IE FTP Proto Hndlr Loc File Disc
  • HTTP MS IIS ASP Source Disclosure
  • MS ASN1 Integer Overflow TCP
  • NaviHelper Update Activity
  • HTTP QuickSearch Activity
  • RSA Agent WebRedirect BO
  • SuperSpider Hijack Activity
  • SurfSideKick AutoUpdate Activity
  • HTTP SurfSideKick Installation Activity
  • Websearch Configuration Request
  • Linux Whois Exec
  • Yahoo IM Login
  • Yahoo IM Conference Invite
  • Yahoo Conference Login
  • Yahoo IM File Transfer
  • Yahoo IM Activity
  • Yahoo Ping

Security Update 88 provides updated coverage for the following vulnerabilities and threats:

  • ISTBar Configuration Request
  • Goidr DNS Request
  • QuickSearch DNS Request
  • ISearch DNS Request
  • HTTP MS Excel Unicode HLINK BO
  • HTTP MS Excel XLW 4.0 Workbook CodeExec
  • HTTP Excel Multiple Remote Code Exec (2)
  • HTTP Excel ShockWave Obj Flash JS Exec
  • HTTP Excel MSO Remote Code Exec
  • HTTP Excel Multiple Remote Code Exec (3)
  • HTTP MS Office Drawing BO
  • HTTP Excel Multiple Remote Code Exec (4)
  • HTTP MS Excel XLW Remote Code Execution

Return to main Symantec Network Security page


Last modified on: Tuesday, 09-Oct-07 21:26:18