Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:56
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/64130 - | |
References | () http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00 - Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/90226 - |
Information
Published : 2014-01-10 16:47
Updated : 2024-11-21 01:56
NVD link : CVE-2013-5011
Mitre link : CVE-2013-5011
CVE.ORG link : CVE-2013-5011
JSON object : View
Products Affected
symantec
- endpoint_protection
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')