CVE-2012-0291

2012-02-2213:54:00

CWE-20

[email protected]

web.nvd.nist.gov

symantec

pcanywhere

altiris

cve-2012-0291

denial of service

nvd

vulnerability

6.9 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

54.5%

JSON

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.

CPENameOperatorVersion
symantec:pcanywheresymantec pcanywhereeq12.5
symantec:pcanywheresymantec pcanywhereeq12.1
symantec:pcanywheresymantec pcanywhereeq11.5
symantec:pcanywheresymantec pcanywhereeq10.0
symantec:pcanywheresymantec pcanywhereeq11.0.1
symantec:pcanywheresymantec pcanywhereeq12.5.265
symantec:pcanywheresymantec pcanywhereeq12.0
symantec:pcanywheresymantec pcanywhereeq12.5.3
symantec:pcanywheresymantec pcanywhereeq12.0.2
symantec:pcanywheresymantec pcanywhereeq11.5.1

CPE	Name	Operator	Version
symantec:pcanywhere	symantec pcanywhere	eq	12.5
symantec:pcanywhere	symantec pcanywhere	eq	12.1
symantec:pcanywhere	symantec pcanywhere	eq	11.5
symantec:pcanywhere	symantec pcanywhere	eq	10.0
symantec:pcanywhere	symantec pcanywhere	eq	11.0.1
symantec:pcanywhere	symantec pcanywhere	eq	12.5.265
symantec:pcanywhere	symantec pcanywhere	eq	12.0
symantec:pcanywhere	symantec pcanywhere	eq	12.5.3
symantec:pcanywhere	symantec pcanywhere	eq	12.0.2
symantec:pcanywhere	symantec pcanywhere	eq	11.5.1