CVE-2011-3478

Symantec pcAnywhere <12.5.3 - RCE

Title source: llm

Description

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Tomislav Paskalev · pythonremotewindows_x86

https://www.exploit-db.com/exploits/38599

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by S2 Crew · pythonremotewindows

https://www.exploit-db.com/exploits/19407

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://osvdb.org/show/osvdb/78532

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/38599/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51592

[Vendor Advisory] http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-12-018/

[Third Party Advisory] http://secunia.com/advisories/48092

Scores

EPSS 0.5290

EPSS Percentile 98.0%

Details

CWE

CWE-287

Status published

Products (4)

symantec/pcanywhere 12.5 (4 CPE variants)

symantec/pcanywhere 12.5.539

symantec/pcanywhere 12.6.65 (2 CPE variants)

symantec/pcanywhere 12.6.7580

Published Jan 25, 2012

Tracked Since Feb 18, 2026