CVE-2016-9094

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection versions prior to 14.0 MP1 Symantec Endpoint Protection versions prior to 12.1 RU6 MP7

Description The issue concerns the export of quarantine logs in CSV format, which can potentially allow attackers to inject formulas due to the interpretation of file metadata. Successful exploitation requires significant direct user interaction, including exporting and opening the log files on the target client.

Recommendations For versions prior to 14.0 MP1, update to version 14.0 MP1 or later to resolve the issue. For versions prior to 12.1 RU6 MP7, update to version 12.1 RU6 MP7 or later to resolve the issue. As a temporary workaround, consider avoiding the export of quarantine logs in CSV format until a patch is applied.