PT-2012-2481 · Symantec · Symantec Backup Exec System Recovery+1

Publicado

2012-07-23

Atualizado

2013-02-02

CVE-2012-0305

CVSS v2.0

4.4

Média

Vetor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Symantec System Recovery versions prior to 2011 SP2 Symantec Backup Exec System Recovery versions prior to 2010 SP5

Description The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory. This is due to an untrusted search path vulnerability.

Recommendations For Symantec System Recovery versions prior to 2011 SP2, update to Symantec System Recovery 2011 SP2 or later. For Symantec Backup Exec System Recovery versions prior to 2010 SP5, update to Symantec Backup Exec System Recovery 2010 SP5 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2012-0305

Produtos afetados

Symantec Backup Exec System Recovery

Symantec System Recovery

PT-2012-2481 · Symantec · Symantec Backup Exec System Recovery+1

CVE-2012-0305

Identificadores relacionados

Produtos afetados

Referências · 3