VDB
CVE-2004-0445
CVE-2004-0445
PUBLISHED
CVSS 2.5999999046325684 LOW
The SYMDNS.SYS driver in Symantec Norton Internet Security and Professional 2002 through 2004, Norton Personal Firewall 2002 through 2004, Norton AntiSpam 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 through 2.0 allows remote attackers to cause a denial of service (CPU consumption from infinite loop) via a DNS response with a compressed name pointer that points to itself.
EPSS 34.32% · 97.1th percentile
Risk Scores
CVSS 2.0
2.5999999046325684
EPSS Score
34.32%
97.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| symantec | norton_internet_security | 2002, 2004, 2004 |
| symantec | client_security | 1.6, 1.4, 1.5 |
| symantec | client_firewall | 5.01, 5.1.1 |
| symantec | norton_antispam | 2004 |
| n/a | n/a | n/a |
| symantec | norton_personal_firewall | 2002, 2004, 2003 |
Timeline
- May 12, 2004 CVE Published
- Sep 23, 2010 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 27, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://securitytracker.com/id?1010144 url
- 1010146 vdb
- 1010145 vdb
- O-141 third-party-advisory
- VU#682110 third-party-advisory
- 6100 vdb
- symantec-firewall-dns-dos(16132) vdb
- http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html url
- 20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service mailing-list
- 11066 third-party-advisory
- 10336 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2004-0445 advisory