Symantec system recovery arbitrary code execution vulnerability

2019-11-13 10:24

Successful exploitation could allow unauthorized arbitrary code to be executed with loggedon user permissions. Symantec Response. Symantec product engineers verified that the vulnerability exists in the versions of Backup Exec System Recovery and Symantec System Recovery indicated above.Analysis. However, if users follow best practices and Symantecrecommended guidelines, only attackers with access to the local network will likely exploit the vulnerability. Multiple insufficient checks during command chaining can allow an attacker to bypass and inject arbitrary code that the NetBackup process will later execute. symantec system recovery arbitrary code execution vulnerability

Jun 12, 2018 Microsoft Windows is prone to an arbitrary codeexecution vulnerability. A local attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. indirect, or consequential loss or damage arising from use of, or reliance on, this Symantec products, Symantec Security

Description. Microsoft Windows is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable system to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file. Trend Micro Deep Security DPI Rule Name: Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability AFFECTED SOFTWARE AND VERSION symantec antivirus symantec system recovery arbitrary code execution vulnerability Microsoft Windows is prone to a remote codeexecution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed

Rating: 4.70 / Views: 325