PT-2013-3275 · Symantec · Symantec Endpoint Protection Small Business Edition+1

Published

2013-06-20

Updated

2013-06-20

CVE-2013-1612

CVSS v2.0

7.9

High

Vector

AV:A/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection Manager versions 12.1.x through 12.1.2 Symantec Endpoint Protection Center Small Business Edition versions 12.0.x

Description A buffer overflow issue exists in the secars.dll component of the management console, allowing remote attackers to execute arbitrary code.

Recommendations For Symantec Endpoint Protection Manager versions 12.1.x through 12.1.2, update to version 12.1.3 or later. For Symantec Endpoint Protection Center Small Business Edition versions 12.0.x, consider upgrading to a version that is not affected by this issue, as no specific fixed version is mentioned for this product.

Exploit

Fix

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2013-1612

Affected Products

Symantec Endpoint Protection Small Business Edition

Symantec Endpoint Protection Manager

PT-2013-3275 · Symantec · Symantec Endpoint Protection Small Business Edition+1

CVE-2013-1612

Weakness Enumeration

Related Identifiers

Affected Products

References · 5