153 matches found
Symantec Endpoint Encryption Client Installed
Binary data symantecendpointencryptiondriveencryptioninstalled.nbin...
Symantec Endpoint Encryption < 8.x / 9.x < 11.1.1 Unquoted Search Path Local Privilege Escalation (SYM16-006)
The version of the Symantec Endpoint Encryption SEE Drive Encryption Client installed on the remote Windows host is prior to 11.1.1. It is, therefore, affected by a privilege escalation vulnerability due to an unquoted search path in EEDService. A local attacker can exploit this to escalate...
Symantec Endpoint Encryption EEDService Arbitrary Code Execution Vulnerability
Symantec Endpoint Encryption SEE is a suite of software from Symantec Corporation that provides advanced encryption and management capabilities for desktops, laptops, and removable storage devices. A security vulnerability exists in Symantec Endpoint Encryption SEE version 11.x in EEDService. A...
Symantec Endpoint Encryption Unquoted Service Path Local Elevation of Privilege
SUMMARY Symantec Endpoint Encryption SEE has an unquoted search path in EEDService. This could provide a non-privileged local user the ability to successfully insert arbitrary code in the root path. AFFECTED PRODUCTS Symantec Endpoint Encryption --- CVE | Affected Versions | Remediation...
Symantec Endpoint Encryption Information Disclosure Vulnerability
Symantec Endpoint Encryption i.e. SEE is a suite of software from Symantec that provides advanced encryption and management capabilities for desktops, laptops and removable storage devices. An information disclosure vulnerability exists in versions of Symantec Endpoint Encryption prior to 11.1.0...
CVE-2015-6556
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption SEE before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump...
Design/Logic Flaw
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption SEE before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump...
CVE-2015-6556
Symantec Endpoint Encryption (SEE) up to version 11.0 is affected by CVE-2015-6556 due to EACommunicatorSrv.exe in the Framework Service allowing an authenticated remote user to trigger a memory dump and access credentials stored on the client. The issue is documented with a low CVSS v2 base scor...
CVE-2015-6556
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption SEE before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump...
Symantec Releases Security Update
Symantec has released Symantec Endpoint Encryption 11.1.0 to address a vulnerability that may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Security Advisory from Symantec and apply the necessary update. This product is provided...
Symantec Endpoint Encryption Client Memory Dump Information Disclosure
SUMMARY Symantecs Endpoint Encryption SEE Client is susceptible to information disclosure if a user with access to a system hosting a client is able to force a client memory dump and access the content of the memory dump. This could result in unauthorized exposure of such things as stored...
McAfee EEFF / FRP Predictable Salt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-008 Products: McAfee Endpoint Encryption for Files and Folders EEFF McAfee File and Removable Media Protection FRP Vendor: McAfee, Inc. Affected Versions: EEFF 3.2.x, 4.0.x, 4.1.x, 4.2.x; FRP 4.3.0.x Tested Versions: 4.2.0.164...
Hardcoded credentials
The 1 Removable Media and 2 CD and DVD encryption offsite access options formerly Endpoint Encryption for Removable Media or EERM in McAfee File and Removable Media Protection FRP 4.3.0.x, and Endpoint Encryption for Files and Folders EEFF 3.2.x through 4.2.x, uses a hard-coded salt, which makes ...