CVE-2011-3478

Currently unrated

Key Information:

Vendor: Symantec
Status: Pcanywhere
Vendor: CVE Published:; 25 January 2012

Summary

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.

References

http://osvdb.org/show/osvdb/78532

vdb-entryx_refsource_OSVDB

https://www.exploit-db.com/exploits/38599/

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/51592

vdb-entryx_refsource_BID

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 25, 2012
Vulnerability Reserved
Sep 14, 2011