Code injection

2012-02-2213:54:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

54.7%

JSON

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.

CPENameOperatorVersion
altiris_client_management_suite_pcanywhere_solutioneq7.0
altiris_deployment_solution_remote_pcanywhere_solutioneq7.1
altiris_it_management_suite_pcanywhere_solutioneq7.0
altiris_it_management_suite_pcanywhere_solutioneq7.1
pcanywhereeq12.5
pcanywhereeq12.1
pcanywhereeq11.5
pcanywhereeq10.0
pcanywhereeq11.0.1
pcanywhereeq12.5.265

Name	Operator	Version
altiris_client_management_suite_pcanywhere_solution	eq	7.0
altiris_deployment_solution_remote_pcanywhere_solution	eq	7.1
altiris_it_management_suite_pcanywhere_solution	eq	7.0
altiris_it_management_suite_pcanywhere_solution	eq	7.1
pcanywhere	eq	12.5
pcanywhere	eq	12.1
pcanywhere	eq	11.5
pcanywhere	eq	10.0
pcanywhere	eq	11.0.1
pcanywhere	eq	12.5.265