Symantec Scan Engine 5.0.0.24, and possibly other versions prior to 5.1.0.7, stores sensitive log and virus definition files under the web root with insufficient access control, which allows remote malicious users to obtain the information via direct requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec antivirus scan engine 5.0.0.24 |