Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/04/2007 Updated: 08/03/2011

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) prior to 20070405 does not verify the authenticity of upgrades, which allows remote malicious users to execute arbitrary code via software that implements the agent upgrade protocol.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec enterprise security manager 5.5.3
symantec enterprise security manager 6.0
symantec enterprise security manager 6.5.2
symantec enterprise security manager 6.5
symantec enterprise security manager 6.5.1

NVD-CWE-Other http://www.symantec.com/avcenter/security/Content/2007.04.05d.html http://www.securityfocus.com/bid/23287 http://secunia.com/advisories/24767 http://www.securitytracker.com/id?1017881 http://www.vupen.com/english/advisories/2007/1277 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-2375

Vulnerability Summary

References

Vulmon Search

About

Products

Connect