The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) prior to 20070405 does not verify the authenticity of upgrades, which allows remote malicious users to execute arbitrary code via software that implements the agent upgrade protocol.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec enterprise security manager 5.5.3 |
||
symantec enterprise security manager 6.0 |
||
symantec enterprise security manager 6.5.2 |
||
symantec enterprise security manager 6.5 |
||
symantec enterprise security manager 6.5.1 |