CVE-2007-2375

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Security Manager
Vendor: CVE Published:; 30 April 2007

Summary

The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol.

References

http://www.securityfocus.com/bid/23287

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1017881

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2007/1277

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Apr 30, 2007
Vulnerability Reserved
Apr 30, 2007