Description
Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/58617
Scores
EPSS
0.0027
EPSS Percentile
50.7%
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
Status
published
Products (2)
symantec/enterprise_vault_for_file_system_archiving
10.0.0
symantec/enterprise_vault_for_file_system_archiving
< 9.0.3
Published
Mar 26, 2013
Tracked Since
Feb 18, 2026