cpe:/a:symantec:pcanywhere:10.0 cpe:/a:symantec:pcanywhere:10.5 cpe:/a:symantec:pcanywhere:11.0 cpe:/a:symantec:pcanywhere:11.0.1 cpe:/a:symantec:pcanywhere:11.5 cpe:/a:symantec:pcanywhere:11.5.1 cpe:/a:symantec:pcanywhere:12.0 cpe:/a:symantec:pcanywhere:12.1 cpe:/a:symantec:pcanywhere:12.5 CVE-2009-0538 2009-03-18T11:30:00.453-04:00 2017-08-07T21:33:59.157-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-03-19T09:41:00.000-04:00 SECTRACK 1021855 BUGTRAQ 20090318 Layered Defense Research Advisory: Format String Vulnerablity in Symantec PcAnywhere v10-12.5 BID 33845 SECUNIA 34305 OSVDB 52797 VUPEN ADV-2009-0755 CONFIRM http://securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html MISC http://www.layereddefense.com/pcanywhere17mar.html XF symantec-pcanywhere-unspecified-dos(49291) Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).