Design/Logic Flaw

Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption SEE 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe...

CVE-2015-8156

Summary of CVE-2015-8156 from provided documents The issue affects Symantec Endpoint Encryption (SEE), specifically the Drive Encryption/EEDService component in SEE 11.x before 11.1.1. A local attacker could exploit an unquoted Windows search path vulnerability to escalate privileges by placing a...

Symantec Endpoint Encryption EEDService Arbitrary Code Execution Vulnerability

Symantec Endpoint Encryption SEE is a suite of software from Symantec Corporation that provides advanced encryption and management capabilities for desktops, laptops, and removable storage devices. A security vulnerability exists in Symantec Endpoint Encryption SEE version 11.x in EEDService. A...

Symantec Endpoint Encryption Unquoted Service Path Local Elevation of Privilege

SUMMARY Symantec Endpoint Encryption SEE has an unquoted search path in EEDService. This could provide a non-privileged local user the ability to successfully insert arbitrary code in the root path. AFFECTED PRODUCTS Symantec Endpoint Encryption --- CVE | Affected Versions | Remediation...