This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote host contains a program that is affected by a local
privilege escalation vulnerability.
The remote installation of Symantec Antivirus Corporate Edition
(SAVCE) or Symantec Client Security contains a flaw in the Real-Time
scanner (RTVScan) component because it fails to drop its privileges
with in a threat notification window. A local attacker may be able to
leverage this flaw to elevate his privileges to SYSTEM level and gain
complete control of the affected system.
Note that successful exploitation requires that the Notification
Message window be enabled.
See also :
SAVCE product branch 9.0 should be be upgraded to 22.214.171.1240 or
better. SAVCE product branch 10.0 & 10.1 should be upgraded to
10.1.4.4010 or better.
Risk factor :
Medium / CVSS Base Score : 6.0
CVSS Temporal Score : 5.2
Public Exploit Available : false