Vulnerability in Symantec Enterprise_security_manager
CVE-2007-2375
The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent u…
EPSS: 0.056 (91.9th percentile) — read the EPSS interpretation.
Affected products
- Symantec Enterprise_security_manager — versions 5.5.3, 6.0, 6.5
- N/a — versions n/a
References
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_VUPEN)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)