Symantec Scan Engine 5.0.0.24, and possibly other versions prior to 5.1.0.7, uses a client-side check to verify a password, which allows remote malicious users to gain administrator privileges via a modified client that sends certain XML requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec antivirus scan engine 5.0.0.24 |