CyberSec.Space Logo
Back to CVE Browser

CVE-2015-1484

MEDIUM
6.9
CVSS Severity Score
EPSS Score0.1390%
EPSS Percentile42.29th
PublishedApr 22, 2015
Last ModifiedMay 6, 2026

Vulnerability Description

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Affected Platforms (CPE)

πŸ“¦
Symantec

Workspace Streaming

= 6.1
πŸ“¦
Symantec

Workspace Streaming

= 7.5

References & Advisories

πŸ”— http://www.securityfocus.com/bid/73925
πŸ”— http://www.securitytracker.com/id/1032133
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150410_00
πŸ”— http://www.securityfocus.com/bid/73925
πŸ”— http://www.securitytracker.com/id/1032133
πŸ”— http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150410_00

Related Vulnerabilities

CVE-2008-43899.3

Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which...

CVE-2014-16497.9

The server in Symantec Workspace Streaming (SWS) before 7.5.0.749 allows remote attackers to access files and functionality by sen...

CVE-2016-22055.7

Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streamin...

CVE-2016-22065.7

The management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Worksp...

CVE-2015-1484 Detail & Impact Analysis | CVSS 6.9 (MEDIUM) | Cyber-Sec.Space | Cyber-Sec.Space