Remote Code Execution in Symantec Ghost Solution Suite by Attackers
CVE-2012-0306

Currently unrated

Key Information:

Vendor: Symantec
Status: Ghost Solutions Suite
Vendor: CVE Published:; 18 October 2012

Summary

The vulnerability in Symantec Ghost Solution Suite versions 2.x through 2.5.1 enables remote attackers to exploit a flaw in the handling of crafted backup files, potentially leading to arbitrary code execution or a denial of service through memory corruption. This serious security weakness can allow an attacker to gain unauthorized control of the system, thereby compromising the integrity and confidentiality of the data managed by the software.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/55748

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1027648

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Oct 18, 2012
Vulnerability Reserved
Jan 4, 2012