Lucene search

[email protected]CVE-2015-8113

HistoryNov 12, 2015 - 3:59 a.m.

CVE-2015-8113

2015-11-1203:59:09

[email protected]

web.nvd.nist.gov

cve-2015-8113

symantec

endpoint protection

vulnerability

security

trojan horse

dll

privileges

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1492.

Affected configurations

NVD

Node

symantecendpoint_protectionRange≤12.1ru6mp2

CPENameOperatorVersion
symantec:endpoint_protectionsymantec endpoint protectionle12.1

CPE	Name	Operator	Version
symantec:endpoint_protection	symantec endpoint protection	le	12.1

References

www.securityfocus.com/bid/77585

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.7%

JSON

Related for CVE-2015-8113

nvd2 cvelist2 prion2 nessus2 symantec2 openvas2 cve1