Home / Early Warning / Vulnerabilidades / CVE-2015-1492

CVE-2015-1492

Type: 
Input Validation
Severity: 
High
Publication date: 
07/31/2015
Last modified: 
09/20/2017
Description
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Requires a single instance to exploit
Impact Type: Total commitment on system integrity + Total commitment on system confidentiality + Total commitment on system availability
Vulnerable software and versions
  • cpe:2.3:a:symantec:endpoint_protection_manager:12.1.0:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields