This script is Copyright (C) 2014 Tenable Network Security, Inc.
The version of Symantec Endpoint Protection Client installed on the
remote host is affected by multiple vulnerabilities.
The version of Symantec Endpoint Protection Client running on the
remote host is either 11.x prior to 126.96.36.199 or 12.x prior to 12.1.2
(RU2). It is, therefore, affected by multiple security
- The Application/Device Control in the SEP Client does
not properly enforce custom policies, which could allow
an attacker to circumvent policy restrictions in order
to access files or directories on the remote host.
- The SEP Client is susceptible to a flaw caused by an
unquoted search path, which could allow an attacker to
gain elevated privileges via a crafted program in the
%SYSTEMDRIVE% directory. (CVE-2013-5011)
See also :
Upgrade to 188.8.131.52 (11.x) / 12.1.2 RU2 (12.x) or later.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.3
Public Exploit Available : false