Summary
This host is installed with Symantec Enterprise Security Manager/Agent and is prone to local privilege escalation vulnerability.
Impact
Successful exploitation could allow local users to gain privileges via unspecified vectors.
Impact Level: Application
Solution
Upgrade to Symantec Enterprise Security Manager version 11.0 or later Or apply the patch SU44
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121213_00
*****
NOTE: Ignore this warning if patch is applied already.
For patch refer to
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=esm&pvid=su&year=&suid=20121207_00 *****
Insight
An unquoted Windows search path flaw exists in ESM Manager and Agents.
Affected
Symantec Enterprise Security Manager versions 10.x and prior Symantec Enterprise Security Manager Agents versions 10.x and prior
References
Severity
Classification
-
CVE CVE-2012-4350 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
- Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Windows)
- Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
- Adobe Acrobat Multiple Vulnerabilities - Windows
- Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)