CVE-2013-1609

Published: 26/03/2013 Updated: 27/03/2013

CVSS v2 Base Score: 6.8 | Impact Score: 10 | Exploitability Score: 3.1

VMScore: 606

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving prior to 9.0.4 and 10.x prior to 10.0.1 allow local users to gain privileges via a Trojan horse program.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec enterprise vault for file system archiving
symantec enterprise vault for file system archiving 10.0.0

Unquoted Search Path or Element | Fixing Unquoted Service Paths Enumeration Vulnerability

CWE-428 Unquoted Search Path or Element | Fixing Unquoted Service Paths Enumeration Vulnerability cwemitreorg/data/definitions/428html PowerShell: Fixing Unquoted Service Paths (Complete) wwwryanandjeffshowcom/blog/2013/04/11/powershell-fixing-unquoted-service-paths-complete/ Fix Unquoted Service Path for Windows Services (Intune) powershellisfuncom

Unquoted Search Path or Element | Fixing Unquoted Service Paths Enumeration Vulnerability

CWE-428 Unquoted Search Path or Element | Fixing Unquoted Service Paths Enumeration Vulnerability cwemitreorg/data/definitions/428html PowerShell: Fixing Unquoted Service Paths (Complete) wwwryanandjeffshowcom/blog/2013/04/11/powershell-fixing-unquoted-service-paths-complete/ Fix Unquoted Service Path for Windows Services (Intune) powershellisfuncom

NVD-CWE-Other http://www.securityfocus.com/bid/58617 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00 https://nvd.nist.gov https://github.com/Ontothecloud/CWE-428

CVE-2013-1609

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect