CVE-2005-1970

HIGH

Description

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.

References

http://secunia.com/advisories/15673

http://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html

http://securitytracker.com/id?1014178

http://www.securityfocus.com/bid/13933

Details

Source: MITRE

Published: 2005-06-16

Updated: 2008-09-05

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
20743Symantec pcAnywhere Launch with Windows Caller Properties Local Privilege EscalationNessusWindows
high