How to Buy
This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Windows host has an application that is affected by a local
format string vulnerability.
The version of Symantec pcAnywhere installed on the remote Windows
host does not properly handle format strings within remote control
file names ('.CHF') or their associated file paths. Using a specially
crafted file or path name, a local user may be able to exploit this
issue to read or write arbitrary memory and at a minimum crash the
See also :
Upgrade to pcAnywhere version 12.5.0 Build 442 (also known as 12.5
SP1) or later.
Risk factor :
Medium / CVSS Base Score : 4.6
CVSS Temporal Score : 3.8
Public Exploit Available : true
Nessus Plugin ID: 35976 ()
Bugtraq ID: 33845
CVE ID: CVE-2009-0538
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.