Summary
This host is installed with Symantec Endpoint Protection and is prone to remote code execution vulnerability.
Impact
Successful exploitation could allow remote authenticated users to execute arbitrary code via unspecified vectors.
Impact Level: System/Application
Solution
Upgrade to Symantec Endpoint Protection (SEP) version 11.0 RU7-MP3 or SEP12.1 RU2 or later http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121210_00
Insight
The decomposer engine in Symantec Products fails to properly validate input for PHP scripts.
Affected
Symantec Endpoint Protection (SEP) versions 11.0 before RU7-MP3 and 12.1 before RU2 Symantec Endpoint Protection Small Business Edition version 12.x before 12.1 RU2
References
Severity
Classification
-
CVE CVE-2012-4348 -
CVSS Base Score: 7.2
AV:A/AC:L/Au:M/C:C/I:C/A:C
Related Vulnerabilities