Local Privilege Escalation in Symantec Enterprise Security Manager
CVE-2012-4350

Currently unrated

Key Information:

Vendor: Symantec
Status: Enterprise Security Manager
Vendor: CVE Published:; 18 December 2012

Summary

Multiple unquoted Windows search path vulnerabilities exist in the Manager and Agent components of Symantec Enterprise Security Manager prior to version 11.0. These vulnerabilities enable local users to potentially exploit unspecified vectors to gain elevated privileges on the affected system, posing a significant security risk to users and organizations relying on Symantec ESM for endpoint protection.

References

http://www.securitytracker.com/id?1027874

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/56915

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 18, 2012
Vulnerability Reserved
Aug 16, 2012