CyberSec.Space Logo
Back to CVE Browser

CVE-2007-2361

MEDIUM
4.9
CVSS Severity Score
EPSS Score0.1660%
EPSS Percentile39.25th
PublishedApr 30, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote backups of restore points images are configured, uses weak permissions (world readable) for a configuration file with network share credentials, which allows local users to obtain the credentials by reading the file.

Affected Platforms (CPE)

πŸ“¦
Symantec

Backupexec System Recovery

= 6.5
πŸ“¦
Symantec

Backupexec System Recovery

= 6.52
πŸ“¦
Symantec

Backupexec System Recovery

= 6.52a
πŸ“¦
Symantec

Backupexec System Recovery

= 6.53
πŸ“¦
Symantec

Livestate Recovery

= 6.0
πŸ“¦
Symantec

Livestate Recovery

= 6.01
πŸ“¦
Symantec

Livestate Recovery

= 6.02
πŸ“¦
Symantec

Norton Ghost

= 10.0
πŸ“¦
Symantec

Norton Ghost

= 10.0
πŸ“¦
Symantec

Norton Ghost

= 10.0
πŸ“¦
Symantec

Norton Ghost

= 10.01
πŸ“¦
Symantec

Norton Save And Recovery

= 1.01
πŸ“¦
Symantec

Norton Save And Recovery

= 1.01b
πŸ“¦
Symantec

Norton Save And Recovery

= 11.0
πŸ“¦
Symantec

Norton Save And Recovery

= 11.01
πŸ“¦
Symantec

Norton Save And Recovery

= 11.01b

References & Advisories

πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520
πŸ”— http://secunia.com/advisories/25013
πŸ”— http://www.securitytracker.com/id?1017971
πŸ”— http://www.symantec.com/avcenter/security/Content/2007.04.26.html
πŸ”— http://www.vupen.com/english/advisories/2007/1552
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/33929
πŸ”— http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=520
πŸ”— http://secunia.com/advisories/25013

Related Vulnerabilities

CVE-2007-23597.2

Buffer overflow in Ghost Service Manager, as used in Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and Backup...

CVE-2007-23606.8

Symantec Norton Ghost, Norton Save & Recovery, LiveState Recovery, and BackupExec System Recovery before 20070426, when remote bac...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...