![]() If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. SEP 14.0 and later are not impacted by this issue. Published: Ap3:29:00 PM -0400Ī version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. The quarantine logs can be exported for review by the user in a variety of formats including. ![]() Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events. ![]() Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |