CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3478

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0930%
EPSS Percentile32.43th
PublishedJan 25, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.

Affected Platforms (CPE)

πŸ“¦
Symantec

Pcanywhere

= 12.5
πŸ“¦
Symantec

Pcanywhere

= 12.5
πŸ“¦
Symantec

Pcanywhere

= 12.5
πŸ“¦
Symantec

Pcanywhere

= 12.5
πŸ“¦
Symantec

Pcanywhere

= 12.5.539
πŸ“¦
Symantec

Pcanywhere

= 12.6.65
πŸ“¦
Symantec

Pcanywhere

= 12.6.65
πŸ“¦
Symantec

Pcanywhere

= 12.6.7580

References & Advisories

πŸ”— http://osvdb.org/show/osvdb/78532
πŸ”— http://secunia.com/advisories/48092
πŸ”— http://www.securityfocus.com/bid/51592
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-12-018/
πŸ”— https://www.exploit-db.com/exploits/38599/
πŸ”— http://osvdb.org/show/osvdb/78532
πŸ”— http://secunia.com/advisories/48092

Related Vulnerabilities

CVE-2000-030010.0

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywher...

CVE-2012-029010.0

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris...

CVE-2005-39347.8

Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of ...

CVE-2005-19707.2

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to exe...