Local Privilege Escalation in Symantec PCAnywhere Versions 10.x and 11
CVE-2003-0936

Currently unrated

Key Information:

Vendor: Symantec
Status: Pcanywhere
Vendor: CVE Published:; 15 December 2003

Summary

Symantec PCAnywhere versions 10.x and 11, when launched as a service, present a significant risk due to a vulnerability that allows local users to gain SYSTEM privileges. This occurs through the help interface via the executable AWHOST32.exe. Attackers could exploit this weakness to execute commands with elevated permissions, thereby compromising the integrity and security of the affected systems. It's crucial for users of these versions to apply necessary updates and patches to mitigate potential risks.

References

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

http://marc.info/?l=bugtraq&m=106876107330752&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=106875764826251&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Dec 15, 2003
Vulnerability Reserved
Nov 10, 2003