PT-2014-5320 · Symantec · Symantec Endpoint Protection+1

Publicado

2014-08-06

Atualizado

2017-08-29

CVE-2014-3434

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection (SEP) Client versions 11.x through 12.1 before RU4 MP1b Symantec Endpoint Protection (SEP) Small Business Edition versions prior to 12.1

Description A buffer overflow issue exists in the sysplant driver, allowing local users to execute arbitrary code via a long argument to a 0x00222084 IOCTL call.

Recommendations For Symantec Endpoint Protection (SEP) Client versions 11.x through 12.1 before RU4 MP1b, update to version 12.1 RU4 MP1b or later. For Symantec Endpoint Protection (SEP) Small Business Edition versions prior to 12.1, update to version 12.1 or later.

Exploit

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2014-3434

Produtos afetados

Symantec Endpoint Protection

Symantec Endpoint Protection Client

PT-2014-5320 · Symantec · Symantec Endpoint Protection+1

CVE-2014-3434

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12