KLA10356
Multiple vulnerabilities in pcAnywhere

Updated: 09/26/2023
Detect date
?
02/22/2012
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Symantec products. Malicious users can exploit these vulnerabilities to obtain access to client information or cause denial of service. Below is a complete list of vulnerabilities

  1. lack of client state control can be exploited remotely by leveraging ‘open client session’;
  2. 2. Unknown vectors can be exploited via a specially designed TCP session or response.
Affected products

Symantec pcAnywhere versions 12.5.3 and earlier
Symantec Altiris IT Management Suite pcAnywhere Solution 7.0 and 7.1
Symantec Altiris Client Management Suite pcAnywhere Solution 7.0 and 7.1
Symantec Altiris Deployment Solution Remote pcAnywhere Solution 7.1

Solution

Update to latest version

Impacts
?
DoS 
[?]

SB 
[?]
Related products
Symantec pcAnywhere
CVE-IDS
?
CVE-2012-02925.0Critical
CVE-2012-02915.0Critical
Exploitation

Public exploits exist for this vulnerability.

Find out the statistics of the vulnerabilities spreading in your region