Symantec Enterprise Vault < 10.0.2 Multiple Vulnerabilities in Oracle Outside-In Libraries (SYM12-015)
Medium Nessus Plugin ID 62458
SynopsisAn archiving application installed on the remote host has multiple vulnerabilities.
DescriptionThe version of Symantec Enterprise Vault installed on the remote host uses a version of the Oracle Outside-In libraries that contains multiple vulnerabilities. A remote attacker could send an email with a malicious attachment to be downloaded and stored in a user's mail box until processed for archiving thus potentially resulting in a denial of service in the application or allow arbitrary code execution.
SolutionUpgrade to Symantec Enterprise Vault version 10.0.2 or later.