PT-2012-2471 · Symantec · Symantec Endpoint Protection+1

Published

2012-05-23

Updated

2013-01-04

CVE-2012-0295

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection (SEP) versions 12.1 through 12.1 before RU1-MP1

Description The issue allows remote attackers to conduct file-insertion attacks and execute arbitrary code. This is achieved by leveraging exploitation in the Manager service within the management console.

Recommendations For Symantec Endpoint Protection (SEP) versions 12.1 through 12.1 before RU1-MP1, update to version 12.1 RU1-MP1 or later to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2012-0295

Affected Products

Symantec Endpoint Protection

Symantec Endpoint Protection Client

PT-2012-2471 · Symantec · Symantec Endpoint Protection+1

CVE-2012-0295

Weakness Enumeration

Related Identifiers

Affected Products

References · 6