Vulnerability Description
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Endpoint Protection | <= 11.0.7.3 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/64130
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90226
- http://www.securityfocus.com/bid/64130
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securitVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90226
FAQ
What is CVE-2013-5011?
CVE-2013-5011 is a vulnerability with a CVSS score of 7.2 (HIGH). Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x befor...
How severe is CVE-2013-5011?
CVE-2013-5011 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5011?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Endpoint Protection.