Description
The Manager service in the management console in Symantec Endpoint Protection (SEP) 12.1 before 12.1 RU1-MP1 allows remote attackers to conduct file-insertion attacks and execute arbitrary code by leveraging exploitation of CVE-2012-0294.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53184
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53183
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027093
Scores
EPSS
0.0524
EPSS Percentile
90.1%
Details
CWE
CWE-94
Status
published
Products (3)
symantec/endpoint_protection
12.1
symantec/endpoint_protection
12.1.671
symantec/endpoint_protection
12.1.1000
Published
May 23, 2012
Tracked Since
Feb 18, 2026