Improper input validation in Symantec Altiris_client_management_suite_pcanywhere_solution

CVE-2012-0291

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment So…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.007 (71.7th percentile) — read the EPSS interpretation.

Affected products

Symantec Altiris_client_management_suite_pcanywhere_solution — versions 7.0
Symantec Altiris_deployment_solution_remote_pcanywhere_solution — versions 7.1
Symantec Altiris_it_management_suite_pcanywhere_solution — versions 7.0, 7.1
Symantec Pcanywhere — versions 10.0, 10.5, 11.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
51965 (vdb-entry, x_refsource_BID)
48092 (x_refsource_SECUNIA, third-party-advisory)