Multiple unquoted Windows search path vulnerabilities in the Manager and Agent components in Symantec Enterprise Security Manager (ESM)ID: oval:org.secpod.oval:def:8255 | Date: (C)2013-01-07 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with Symantec Enterprise Security Manager (ESM) before 11.0 and is prone to multiple unquoted Windows search path vulnerabilities. The flaws are present in the application, which fails to properly handle memory. Successful exploitation allows an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Symantec Enterprise Security Manager |