CVE-2015-1484

Currently unrated

Key Information:

Vendor: Symantec
Status: Workspace Streaming
Vendor: CVE Published:; 22 April 2015

Summary

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

References

http://www.securitytracker.com/id/1032133

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/73925

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 22, 2015
Vulnerability Reserved
Feb 5, 2015