CVE-2011-3479

Name of the Vulnerable Software and Affected Versions Symantec pcAnywhere versions 12.5.x through 12.5.3 Symantec IT Management Suite pcAnywhere Solution version 7.0 (aka 12.5.x) Symantec IT Management Suite pcAnywhere Solution version 7.1 (aka 12.6.x)

Description The issue allows local users to gain privileges by modifying a file due to world-writable permissions for product-installation files.

Recommendations For Symantec pcAnywhere versions 12.5.x through 12.5.3, consider changing the permissions of the product-installation files to prevent world-writable access until a patch is available. For Symantec IT Management Suite pcAnywhere Solution version 7.0 (aka 12.5.x), restrict access to the installation files to minimize the risk of exploitation. For Symantec IT Management Suite pcAnywhere Solution version 7.1 (aka 12.6.x), apply configuration changes to limit the permissions of the installation files.