Summary
The host is installed with Symantec Endpoint Protection Manager and is prone to buffer overflow vulnerability.
Impact
Successful exploitation will allow attackers to cause a buffer overflow via the web based management console.
Solution
Upgrade to version 12.1.3 or later,
For updates refer to http://www.symantec.com
Insight
Flaw is due to a boundary error within secars.dll.
Affected
Symantec Endpoint Protection Center (SPC) Small Business Edition version 12.1.x before 12.1.3
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-1612 -
CVSS Base Score: 7.9
AV:A/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability
- Adobe Air Buffer Overflow Vulnerability (Mac OS X)
- CA Internet Security Suite Plus 'KmxSbx.sys' Buffer Overflow Vulnerability
- Citrix Provisioning Services 'streamprocess.exe' Component Remote Code Execution Vulnerability
- Adobe Reader Buffer Overflow Vulnerability Sep09 (Win)