Remote code execution vulnerability in Symantec Antivirus Corporate Edition (SAVCE), Symantec System Center (SSC) , and Symantec Quarantine Server via crafted messages over a tcp portID: oval:org.secpod.oval:def:1713 | Date: (C)2011-08-01 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10 or Symantec System Center (SSC) 10.x or Symantec Quarantine Server 3.5 or 3.6 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to sanitize user supplied input to 38292 port. Successful exploitation could allow an attacker to execute arbitrary code.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Symantec Antivirus |
Symantec Quarantine Server |
Symantec System Center |