Denial of Service Vulnerability in Symantec pcAnywhere and Altiris Solutions
CVE-2012-0292

Currently unrated

Key Information:

Vendor: Symantec
Status: Pcanywhere
Vendor: CVE Published:; 8 March 2012

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2012-0292?

The awhost32 service in Symantec pcAnywhere and various Altiris solutions is susceptible to a denial of service vulnerability. This issue occurs when remote attackers exploit a crafted TCP session on port 5631, leading to a crash of the daemon. The affected products include versions of Symantec pcAnywhere and several Altiris solutions, exposing systems to potential disruptions.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2012-0292 - Proof of Concept

References

http://www.securityfocus.com/bid/52094

vdb-entryx_refsource_BID

http://www.exploit-db.com/exploits/18493/

exploitx_refsource_EXPLOIT-DB

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 8, 2012
👾
Exploit known to exist
Mar 8, 2012
Vulnerability published
Mar 8, 2012
Vulnerability Reserved
Jan 4, 2012

CVE-2012-0292 Data

JSON