File Metadata Vulnerability in Symantec Endpoint Protection
CVE-2016-9094

7.8HIGH

Key Information:

Vendor

Symantec Corporation

Status
Endpoint Protection
Vendor
CVE Published:
16 April 2018

What is CVE-2016-9094?

In Symantec Endpoint Protection, a vulnerability exists that allows exported quarantine logs to contain file metadata that may be interpreted as formulas by applications like spreadsheets. This issue can be exploited by an attacker who convinces a user to export and open log files, potentially leading to unintended actions or the execution of arbitrary code. The vulnerability affects versions prior to 14.0 MP1 and 12.1 RU6 MP7, where such a flaw exists during the log review process.

Affected Version(s)

Endpoint Protection Prior to SEP 14.0 MP1 & SEP 12.1 RU6 MP7

References

http://www.securityfocus.com/bid/96298
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037961
vdb-entryx_refsource_SECTRACK
https://www.symantec.com/security_response/securityupdate...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.