2 matches found
ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability EMC Identifier: ESA-2014-179 CVE Identifier: CVE-2014-4634 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected products: EMC...
CVE-2014-4634
CVE-2014-4634 describes an unquoted Windows search path vulnerability in EMC Replication Manager (pre-5.5.2) and EMC AppSync (pre-2.1.0). The underlying issue is an unquoted service path used by Windows services, enabling a local attacker to abuse a Trojan horse executable whose name starts with ...