CVE-2013-1609

MEDIUM

Description

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.

References

http://www.securityfocus.com/bid/58617

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00

Details

Source: MITRE

Published: 2013-03-26

Updated: 2013-03-27

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.1

Severity: MEDIUM