PT-2019-8879 · Symantec · Sep

Published

2019-04-25

Updated

2020-08-24

CVE-2018-12244

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions SEP (Mac client) versions prior to and including 12.1 RU6 MP9 SEP (Mac client) versions prior to 14.2 RU1

Description The issue is related to a CSV/DDE injection, also known as formula injection, which occurs when an application allows untrusted input into CSV files.

Recommendations For SEP (Mac client) versions prior to and including 12.1 RU6 MP9, update to a version later than 12.1 RU6 MP9. For SEP (Mac client) versions prior to 14.2 RU1, update to version 14.2 RU1 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1236

Related Identifiers

CVE-2018-12244

Affected Products

Sep

PT-2019-8879 · Symantec · Sep

CVE-2018-12244

Weakness Enumeration

Related Identifiers

Affected Products

References · 4