Description
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/51862
Vendor Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/72996
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/48092
Scores
EPSS
0.0269
EPSS Percentile
86.1%
Details
Status
published
Products (17)
symantec/altiris_client_management_suite_pcanywhere_solution
12.5 (3 CPE variants)
symantec/altiris_client_management_suite_pcanywhere_solution
12.6 (3 CPE variants)
symantec/altiris_deployment_solution_remote_pcanywhere_solution
12.5 (3 CPE variants)
symantec/altiris_deployment_solution_remote_pcanywhere_solution
12.6 (3 CPE variants)
symantec/pcanywhere
5.0
symantec/pcanywhere
8.0
symantec/pcanywhere
9.2
symantec/pcanywhere
10.5
symantec/pcanywhere
11.5
symantec/pcanywhere
11.5.1
... and 7 more
Published
Feb 06, 2012
Tracked Since
Feb 18, 2026