Vulnerability Description
Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Backupexec System Recovery | 2010 |
| Symantec | System Recovery | 2011 |
References
- http://www.securityfocus.com/bid/54594
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
- http://www.securityfocus.com/bid/54594
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
FAQ
What is CVE-2012-0305?
CVE-2012-0305 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the curr...
How severe is CVE-2012-0305?
CVE-2012-0305 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0305?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Backupexec System Recovery, Symantec System Recovery.