{"api_version":"1","generated_at":"2026-04-23T17:14:55+00:00","cve":"CVE-2004-0375","urls":{"html":"https://cve.report/CVE-2004-0375","api":"https://cve.report/api/cve/CVE-2004-0375.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2004-0375","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2004-0375"},"summary":{"title":"CVE-2004-0375","description":"SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.","state":"PUBLISHED","assigner":"mitre","published_at":"2004-08-18 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"5","severity":"","vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://marc.info/?l=bugtraq&m=108275582432246&w=2","name":"http://marc.info/?l=bugtraq&m=108275582432246&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'EEYE: Symantec Multiple Firewall TCP Options Denial of Service' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/9912","name":"http://www.securityfocus.com/bid/9912","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"Symantec Client Firewall Products SYMNDIS.SYS Driver Remote Denial Of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15433","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15433","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15936","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15936","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.eeye.com/html/Research/Upcoming/20040309.html","name":"http://www.eeye.com/html/Research/Upcoming/20040309.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"eEye Digital Security - Vulnerability Management Solutions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1009379","name":"http://securitytracker.com/id?1009379","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Norton Personal Firewall  SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html","name":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Client Firewall Denial of Service Vulnerability","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://securitytracker.com/id?1009380","name":"http://securitytracker.com/id?1009380","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Symantec Norton Internet Security SYMNDIS.SYS TCP Options Parsing Flaw Lets Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2004-0375","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-0375","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_firewall","cpe6":"5.01","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_firewall","cpe6":"5.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"client_security","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2003","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2003","cpe7":"*","cpe8":"pro","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_internet_security","cpe6":"2004","cpe7":"*","cpe8":"pro","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_personal_firewall","cpe6":"2003","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2004","cve_id":"375","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_personal_firewall","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T00:17:14.445Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1009379","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1009379"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html"},{"name":"1009380","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1009380"},{"name":"norton-firewalls-dos(15433)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"},{"name":"symantec-firewall-tcp-dos(15936)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.eeye.com/html/Research/Upcoming/20040309.html"},{"name":"20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=108275582432246&w=2"},{"name":"9912","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/9912"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2004-04-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1009379","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1009379"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html"},{"name":"1009380","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1009380"},{"name":"norton-firewalls-dos(15433)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"},{"name":"symantec-firewall-tcp-dos(15936)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"},{"tags":["x_refsource_MISC"],"url":"http://www.eeye.com/html/Research/Upcoming/20040309.html"},{"name":"20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=108275582432246&w=2"},{"name":"9912","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/9912"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2004-0375","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1009379","refsource":"SECTRACK","url":"http://securitytracker.com/id?1009379"},{"name":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html","refsource":"CONFIRM","url":"http://www.symantec.com/avcenter/security/Content/2004.04.20.html"},{"name":"1009380","refsource":"SECTRACK","url":"http://securitytracker.com/id?1009380"},{"name":"norton-firewalls-dos(15433)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15433"},{"name":"symantec-firewall-tcp-dos(15936)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/15936"},{"name":"http://www.eeye.com/html/Research/Upcoming/20040309.html","refsource":"MISC","url":"http://www.eeye.com/html/Research/Upcoming/20040309.html"},{"name":"20040423 EEYE: Symantec Multiple Firewall TCP Options Denial of Service","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=108275582432246&w=2"},{"name":"9912","refsource":"BID","url":"http://www.securityfocus.com/bid/9912"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2004-0375","datePublished":"2004-05-05T04:00:00.000Z","dateReserved":"2004-03-29T00:00:00.000Z","dateUpdated":"2024-08-08T00:17:14.445Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2004-08-18 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_firewall:5.01:*:*:*:*:*:*:*","matchCriteriaId":"4AEFBAEB-18D4-4082-9F19-C47113841C89"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_firewall:5.1.1:*:*:*:*:*:*:*","matchCriteriaId":"6EA9657C-14D2-418A-AABD-96392E87F4B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.0:*:*:*:*:*:*:*","matchCriteriaId":"C1DFD4CB-40A1-4D70-97AC-0941826F28CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:client_security:1.1:*:*:*:*:*:*:*","matchCriteriaId":"7483F6DD-EDC0-497E-A5A9-B186E02CCCEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2003:*:*:*:*:*:*:*","matchCriteriaId":"AEF97C5F-3A80-4973-85FD-5BCE43B32AD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2003:*:pro:*:*:*:*:*","matchCriteriaId":"1F0BF645-7C56-4ED6-91C0-AE4CFAB62EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*","matchCriteriaId":"2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_internet_security:2004:*:pro:*:*:*:*:*","matchCriteriaId":"D7875372-44D7-47AB-8F8C-4A3AB98FB3B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_personal_firewall:2003:*:*:*:*:*:*:*","matchCriteriaId":"74E5CAF7-C305-4FAF-8DA7-627D83F65185"},{"vulnerable":true,"criteria":"cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*","matchCriteriaId":"36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2004","CveId":"375","Ordinal":"1","Title":"CVE-2004-0375","CVE":"CVE-2004-0375","Year":"2004"},"notes":[{"CveYear":"2004","CveId":"375","Ordinal":"1","NoteData":"SYMNDIS.SYS in Symantec Norton Internet Security 2003 and 2004, Norton Personal Firewall 2003 and 2004, Client Firewall 5.01 and 5.1.1, and Client Security 1.0 and 1.1 allow remote attackers to cause a denial of service (infinite loop) via a TCP packet with (1) SACK option or (2) Alternate Checksum Data option followed by a length of zero.","Type":"Description","Title":"CVE-2004-0375"},{"CveYear":"2004","CveId":"375","Ordinal":"2","NoteData":"2004-05-05","Type":"Other","Title":"Published"},{"CveYear":"2004","CveId":"375","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}