CVE-2016-5310

Name: CVE-2016-5310
Creator: NVD / NIST
Published: 2017-04-14T18:59:00.563+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.5/10EPSS 5.31%

Last modified Jun 17, 2026

CVE-2016-5310 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.. EPSS estimates a 5.31% chance of exploitation in the next 30 days.

Description

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac; Symantec Endpoint Protection Small Business Edition 12.1; CSAPI before 10.0.4 HF02; Symantec Protection Engine (SPE) before 7.0.5 HF02, 7.5.x before 7.5.4 HF02, 7.5.5 before 7.5.5 HF01, and 7.8.x before 7.8.0 HF03; Symantec Mail Security for Domino (SMSDOM) before 8.0.9 HF2.1, 8.1.x before 8.1.2 HF2.3, and 8.1.3 before 8.1.3 HF2.2; Symantec Mail Security for Microsoft Exchange (SMSMSE) before 6.5.8_3968140 HF2.3, 7.x before 7.0_3966002 HF2.1, and 7.5.x before 7.5_3966008 VHF2.2; Symantec Protection for SharePoint Servers (SPSS) before SPSS_6.0.3_To_6.0.5_HF_2.5 update, 6.0.6 before 6.0.6 HF_2.6, and 6.0.7 before 6.0.7_HF_2.7; Symantec Messaging Gateway (SMG) before 10.6.2; Symantec Messaging Gateway for Service Providers (SMG-SP) before 10.5 patch 260 and 10.6 before patch 259; Symantec Web Gateway; and Symantec Web Security.Cloud allows remote attackers to cause a denial of service (memory corruption) via a crafted RAR file that is mishandled during decompression.

Metrics

CVSS 3.1

5.5/10

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Probability

5.31%

91.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-787

Affected Software

Vendor	Product	Versions
Broadcom	Symantec Data Center Security Server	All versions
Symantec	Advanced Threat Protection	All versions
Symantec	Csapi	<= 10.0.4
Symantec	Email Security.Cloud	All versions
Symantec	Endpoint Protection	<= 12.1.4
Symantec	Endpoint Protection	<= 12.1.6
Symantec	Endpoint Protection Cloud	All versions
Symantec	Endpoint Protection For Small Business	<= 12.1
Symantec	Endpoint Protection For Small Business	All versions
Symantec	Mail Security For Domino	<= 8.0.9
Symantec	Mail Security For Domino	8.1.2
Symantec	Mail Security For Domino	8.1.3
Symantec	Mail Security For Microsoft Exchange	<= 6.5.8
Symantec	Mail Security For Microsoft Exchange	7.0
Symantec	Mail Security For Microsoft Exchange	7.0.1
Symantec	Mail Security For Microsoft Exchange	7.0.2
Symantec	Mail Security For Microsoft Exchange	7.0.3
Symantec	Mail Security For Microsoft Exchange	7.0.4
Symantec	Mail Security For Microsoft Exchange	7.5
Symantec	Mail Security For Microsoft Exchange	7.5.1
Symantec	Mail Security For Microsoft Exchange	7.5.2
Symantec	Mail Security For Microsoft Exchange	7.5.3
Symantec	Mail Security For Microsoft Exchange	7.5.4
Symantec	Messaging Gateway	<= 10.6.1
Symantec	Messaging Gateway For Service Providers	10.5
Symantec	Messaging Gateway For Service Providers	10.6
Symantec	Protection Engine	<= 7.0.5
Symantec	Protection Engine	7.5.0
Symantec	Protection Engine	7.5.1
Symantec	Protection Engine	7.5.2
Symantec	Protection Engine	7.5.3
Symantec	Protection Engine	7.5.4
Symantec	Protection Engine	7.5.5
Symantec	Protection Engine	7.8.0
Symantec	Protection For Sharepoint Servers	6.0.3
Symantec	Protection For Sharepoint Servers	6.0.4
Symantec	Protection For Sharepoint Servers	6.0.5
Symantec	Protection For Sharepoint Servers	6.0.6
Symantec	Protection For Sharepoint Servers	6.0.7
Symantec	Web Gateway	All versions
Symantec	Web Security.Cloud	All versions

References

http://www.securityfocus.com/bid/92866Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036847Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036848Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036849Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036850Third Party Advisory, VDB Entry
https://bugs.chromium.org/p/project-zero/issues/detail?id=867Exploit, Patch, Third Party Advisory
https://www.exploit-db.com/exploits/40405/Exploit, Third Party Advisory, VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00Vendor Advisory
http://www.securityfocus.com/bid/92866Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036847Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036848Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036849Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1036850Third Party Advisory, VDB Entry
https://bugs.chromium.org/p/project-zero/issues/detail?id=867Exploit, Patch, Third Party Advisory
https://www.exploit-db.com/exploits/40405/Exploit, Third Party Advisory, VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160919_00Vendor Advisory

Timeline

Published: Apr 14, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-5310?

How severe is CVE-2016-5310?

CVE-2016-5310 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 5.31% probability of exploitation in the next 30 days.

How do I fix CVE-2016-5310?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-5310?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST