Lucene search

K

[email protected]NVD:CVE-2009-0538

HistoryMar 18, 2009 - 3:30 p.m.

CVE-2009-0538

2009-03-1815:30:00

CWE-134

[email protected]

web.nvd.nist.gov

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.4%

Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).

Affected configurations

NVD

Node

symantecpcanywhereRange≤12.5

OR

symantecpcanywhereMatch10.0

OR

symantecpcanywhereMatch10.5

OR

symantecpcanywhereMatch11.0

OR

symantecpcanywhereMatch11.0.1

OR

symantecpcanywhereMatch11.5

OR

symantecpcanywhereMatch11.5.1

OR

symantecpcanywhereMatch12.0

OR

symantecpcanywhereMatch12.1

References

osvdb.org/52797

secunia.com/advisories/34305

securityresponse.symantec.com/avcenter/security/Content/2009.03.17.html

securitytracker.com/id?1021855

www.layereddefense.com/pcanywhere17mar.html

www.securityfocus.com/archive/1/501930/100/0/threaded

www.securityfocus.com/bid/33845

www.vupen.com/english/advisories/2009/0755

exchange.xforce.ibmcloud.com/vulnerabilities/49291

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.4%

Related for NVD:CVE-2009-0538

securityvulns2 openvas6 cve1 prion1 cvelist1 nessus1 symantec1 seebug1