CVE-2013-1612

Symantec Endpoint Protection Manager - Memory Corruption

Title source: rule

Description

Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x before 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WORKING POC

by st3n · perldoswindows

https://www.exploit-db.com/exploits/33056

View Code ZIP pw:eip

References (2)

[Third Party Advisory] http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20130618_00

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/60542

Scores

EPSS 0.0270

EPSS Percentile 85.9%

Details

CWE

CWE-119

Status published

Products (5)

symantec/endpoint_protection_center 12.0.0

symantec/endpoint_protection_center 12.0.1

symantec/endpoint_protection_manager 12.1.0

symantec/endpoint_protection_manager 12.1.1

symantec/endpoint_protection_manager 12.1.2

Published Jun 20, 2013

Tracked Since Feb 18, 2026