Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Symantec Endpoint Protection Manager < 12.1 RU3 Code Execution

High

Synopsis

The endpoint management application installed on the remote Windows host is affected by a code execution vulnerability.

Description

Versions of Symantec Endpoint Protection Manager earlier than 12.1 RU3, are potentially affected by a buffer overflow vulnerability in the 'secars.dll' component. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code on the remote host subject to the privileges of the user running the affected application.

Solution

Upgrade to Symantec Endpoint Protection 12.1 RU3 or later.