CVE-2016-9094
Symantec Endpoint Protection (SEP) Client 12.1.x before 12.1 RU6 MP7 or 14.0.x before 14.0 MP1 is affected by CVE-2016-9094. The issue arises when exporting quarantine logs (CSV format); file metadata can be interpreted as a formula, enabling a formula-injection style vulnerability. Exploitation ...