Published: 25/01/2012 Updated: 06/01/2018

CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.1

VMScore: 685

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Symantec pcAnywhere 12.5.x up to and including 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec pcanywhere 12.5.539
symantec pcanywhere 12.5
symantec pcanywhere 12.6.65
symantec pcanywhere 12.6.7580

======= Summary ======= Name: Symantec pcAnywhere insecure file permissions local privilege escalation Release Date: 30 April 2012 Reference: NGS00117 Discoverer: Edward Torkington <edwardtorkington@ngssecurecom> Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 125x IT Management Suite 70 pcAnywhere So ...

CWE-264 http://www.securityfocus.com/bid/51593 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 http://secunia.com/advisories/48092 https://nvd.nist.gov https://www.exploit-db.com/exploits/18823/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-3479

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect