Vulnerability Description
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Endpoint Protection | 12.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/53183
- http://www.securityfocus.com/bid/53184
- http://www.securitytracker.com/id?1027093
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
- http://www.securityfocus.com/bid/53183
- http://www.securityfocus.com/bid/53184
- http://www.securitytracker.com/id?1027093
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
FAQ
What is CVE-2012-0295?
CVE-2012-0295 is a vulnerability with a CVSS score of 9.3 (HIGH). The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by lev...
How severe is CVE-2012-0295?
CVE-2012-0295 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0295?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Endpoint Protection.