Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3479

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-3479
Last Modified 07 Feb 2012 12:00:00
Published 25 Jan 2012 10:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-3479

Summary

Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.

Vulnerable Systems

Application

  • Symantec Pcanywhere 12.5

  • Symantec Pcanywhere 12.5.539

  • Symantec Pcanywhere 12.6.65

  • Symantec Pcanywhere 12.6.7580


References

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

BID - 51593


Last Updated: 27 May 2016 10:57:23