Norton 360 version 24.10.9535.1052 vulnerabilities

View all applications
Patching for Windows Mac Linux

CVE Vulnerabilities for Norton 360

CVE	Published	Severity	Details	Exploitability	Impact	Vector
CVE‑2016‑5311	2020‑01‑09 20:15:11	HIGH (8)	A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.	2	6	LOCAL
CVE‑2016‑3646	2016‑06‑30 23:59:08	HIGH (10)	The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted ZIP archive that is mishandled during decompression.	0	0	NETWORK
CVE‑2016‑3645	2016‑06‑30 23:59:07	HIGH (10)	Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to have an unspecified impact via crafted TNEF data.	0	0	NETWORK
CVE‑2016‑3644	2016‑06‑30 23:59:06	HIGH (10)	The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via modified MIME data in a message.	0	0	NETWORK
CVE‑2016‑2211	2016‑06‑30 23:59:05	HIGH (9)	The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted CAB file that is mishandled during decompression.	0	0	NETWORK
CVE‑2016‑2210	2016‑06‑30 23:59:04	HIGH (9)	Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.	0	0	NETWORK
CVE‑2016‑2209	2016‑06‑30 23:59:02	HIGH (9)	Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code via a crafted file.	0	0	NETWORK
CVE‑2016‑2207	2016‑06‑30 23:59:01	HIGH (10)	The AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection (SEP) before 12.1 RU6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1 RU6 MP5; Symantec Protection Engine (SPE) before 7.0.5 HF01, 7.5.x before 7.5.3 HF03, 7.5.4 before HF01, and 7.8.0 before HF01; Symantec Protection for SharePoint Servers (SPSS) 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 and 6.0.6 before HF 1.6; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 7.0_3966002 HF1.1 and 7.5.x before 7.5_3966008 VHF1.2; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF1.1 and 8.1.x before 8.1.3 HF1.2; CSAPI before 10.0.4 HF01; Symantec Message Gateway (SMG) before 10.6.1-4; Symantec Message Gateway for Service Providers (SMG-SP) 10.5 before patch 254 and 10.6 before patch 253; Norton AntiVirus, Norton Security, Norton Internet Security, and Norton 360 before NGC 22.7; Norton Security for Mac before 13.0.2; Norton Power Eraser (NPE) before 5.1; and Norton Bootable Removal Tool (NBRT) before 2016.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation) via a crafted RAR file that is mishandled during decompression.	0	0	NETWORK
CVE‑2011‑3477	2018‑02‑19 19:29:00	MEDIUM (5)	GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors.	0	0	LOCAL
CVE‑2010‑0107	2010‑02‑23 20:30:00	HIGH (9)	Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site."	0	0	NETWORK

Windows Mac Linux

What applications does Lavawall® monitor?

Lavawall monitors patches for over 7,500 applications. This is a summary of the most popular applications.
Click here for the full list.
Click the applications below for the current version and known vulnerabilities.
Logos are property of their respective trademark holders and are not affiliated with ThreeShield or Lavawall. We have not audited the security of most of the listed tools.

115Chrome

1Password

360Chrome

3CX Call Flow Designer

3CX Desktop App

6.0 .NET SDK

7.0 .NET SDK

7Zip

9.0 .NET SDK

ABS PDF Install

Acronis True Image

Active@ Boot Disk

ActiveState Komodo Edit

ActivityWatch

Adblock Plus

Adobe Acrobat Reader DC

Adobe Audition

Adobe Bridge

Adobe Character Animator

Adobe Connect

Adobe Connect application MSI

Adobe Creative Cloud

Adobe DNG Converter

Adobe Dreamweaver

Adobe Illustrator

Adobe InDesign

Adobe Lightroom

Adobe Photoshop

Advanced IP Scanner

AIMP

AirDroid

AirPort

AlienVault

Alienware Command Center Suite

Alist

Altap Salamander

Amazon Music

Amazon WorkSpaces

Anaconda3

Anchore Syft

AnyDesk

AnyDesk Windows

AnyTXT Searcher

Apache Directory Studio

Apache HTTP Server

Apache NetBeans IDE

Arduino USB Driver

Arm GNU Toolchain

Armagetron Advanced

ArmouryCrate

ArrayFire

Artha

Asana

ASUS drivers and firmware

Atlassian Companion

ATLauncher Setup

Audacity

Autodesk Access

Autodesk Advance Steel

Autodesk AutoCAD Architecture

Autodesk Revit

AutoElevate

AutoHotkey

Automox Agent

Avaya Workplace

AWS VPN Windows

Axcient Backup Agent

Azure VPN Client

BaiduNetdisk

balenaEtcher

BandiView

Bandizip

Basecamp 3

BeeBEEP

Beeftext

Bio-Well

Bitcoin Core

Bitdefender Endpoint

Bitwarden CLI

Bluebeam Revu

Brackets

Brady Workstation

Brave Browser

Brother drivers and firmware

Burp Suite Beta

calibre

Canon My Printer

Care Center Service

Caseware Working Papers

CCleaner

Chocolatey

Chrome Remote Desktop

ChromeOS Stable

Cisco Webex

Citrix Workspace

ClangFormat

Clockify

Cloudflare WARP

Code::Blocks

Composer - PHP Dependency Manager

Conexant drivers and firmware

CrowdStrike Windows Sensor

CurseForge

Cursor

CutePDF Writer

CyberProtectHomeOffice

Datto RMM

Debian

Dell Command

DisplayLink Graphics Driver

Docker Desktop

docuPrinter Pro

DoxCycle

Dropbox

Dymo Connect

Dynamo Core

Elan drivers and firmware

Electrum

Epic Games Launcher

ESET AV Remover

Evernote

Evoluent drivers and firmware

ExpressConnect Drivers

ExpressVPN

FARO LS

FileZilla Client

Firefox

Foobar2000

Formit

FortiClient VPN

FreeCAD

Garmin drivers and firmware

Gimp

Git

GitHub Desktop

Glance Client

Glance Guest

GN Audio drivers and firmware

Go Programming Language

Go Spotify Cli

Google Ads Editor

Google Drive

Google Earth

Google Sheets

Google Slides

GoTo Opener

GoTo Resolve Desktop Console

GoToAssist Expert

Grammarly MacOS

GrampsAIO64

Groovy 2

Guardian Browser

Guitar Pro 6

Heidi Eraser

HeidiSQL

Honeyview

HP Click

HP OCR

Huntress Agent

IcedTea-Web

Inkscape

Insecure Nmap

Intel drivers and firmware

IrfanView

IronPython

ITE Tech drivers and firmware

iTunes

Java 8

KeePass Password Safe 2

Krisp Ai Meeting Manager

Laserbox basic

LastPass Desktop (Installed)

Lenovo Legion Toolkit

Lenovo Vantage

Lexmark International Printer

LibreOffice

Logi Bolt

Logi Options+

Logitech drivers and firmware

Loom

Magic Control Technology drivers and firmware

Malwarebytes

ManageEngine ADSelfService

MAXtoA

Memurai Developer

Edge

Malicious Software Removal

MirrorOp

MongoDB Compass Community

MozBackup

Mozilla Maintenance Service

mutool

MySQL Community Server

MySQL Workbench

Node.js LTS

NordPass

NordVPN

Norton 360

Norton Security

NoSQL Workbench

Notepad++

Nox APP Player

NV Access

NVIDIA GeForce Experience

NVIDIA Graphics Driver

OBS Studio

Obsidian

OpenOffice

OpenShot Video Editor

OpenSSL

OpenVPN Connect v2

Oracle Linux 7.9

Palisade @RISK Platform

Panorama9

PDF Architect

PeaZip

Perimeter 81

Pidgin

PL/SQL Developer

Plex Media Server

PostgreSQL 12

Postman x86_64

PowerBI Desktop

ProFile

Pulse Secure

Putty

Python Launcher

Pythonnet

QBFC

qBittorrent

Questrade Edge

QuickBooks Premier

Rancher Desktop

Raspberry Pi Imager

Reaktek Audio Driver

RealVNC Server

reMarkable

Remote Access

Resource Hacker

RICOH drivers and firmware

RingCentral

Rocks'n'Diamonds

Room Sketcher

SafeNet Authentication

Sage 50 Accounting

ScanSnap Home

ScreenConnect Client

ShowMyPC

SiriKali

SketchUp

Skype

Slacktechnologies Slack

Smart Switch

Sonos Controller

Sophos Endpoint Agent

SourceTree

SpeedFan

Splashtop Sos

SQL Server 2019

SQL Server 2022

Sublime Text 3

SunplusIT drivers and firmware

superpowered.me

Symantec AgentInstall

SyncBackFree

Synology Acvtive Backup for Business

Synology Assistant

TaxCycle

Taxprep Forms

Teamviewer

Tenable Nessus

Tenorshare

Terraformer

Thunderbird

Tidalmusicas Tidal

TightVNC

Titus Classification

TriGrid Windows Connector

Trillian

TruGrid Windows Connector

TunnelBear

U.S. Robotics Corporation Model 5637 Voice Driver

Ubuntu

Umbrella Roaming Client

Valve Steam

VeraCrypt

Visual Studio 2015

Visual Studio 2019

Visual Studio 2022

VLC

VMware Tools

Wildix Integration Service

WinDjView

Windows Defender updates

WinFsp 2023

WinPcap

WinRAR

WireGuard

Wireshark

WordPress.com

X Split Gamecaster

XAMPP 8.1

Xerox WorkCentre

Xming

XnResize

XnView Classic

XnView MP

Xprotect

Yarn

Yealink USB Connect

Yubikey Manager

Zebra Setup Utilities

Zed Attack Proxy (ZAP)

Zoom

Zwift

Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.