返回 CVE 瀏覽器

CVE-2011-3478

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0930%

EPSS Percentile32.43th

Published2012年1月25日

Last Modified2026年4月29日

Vulnerability Description

The host-services component in Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), does not properly filter login and authentication data, which allows remote attackers to execute arbitrary code via a crafted session on TCP port 5631.

Affected Platforms (CPE)

📦

Symantec

Pcanywhere

= 12.5

📦

Symantec

Pcanywhere

= 12.5

📦

Symantec

Pcanywhere

= 12.5

📦

Symantec

Pcanywhere

= 12.5

📦

Symantec

Pcanywhere

= 12.5.539

📦

Symantec

Pcanywhere

= 12.6.65

📦

Symantec

Pcanywhere

= 12.6.65

📦

Symantec

Pcanywhere

= 12.6.7580

References & Advisories

🔗 http://osvdb.org/show/osvdb/78532

🔗 http://secunia.com/advisories/48092

🔗 http://www.securityfocus.com/bid/51592

🔗 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

🔗 http://www.zerodayinitiative.com/advisories/ZDI-12-018/

🔗 https://www.exploit-db.com/exploits/38599/

🔗 http://osvdb.org/show/osvdb/78532

🔗 http://secunia.com/advisories/48092

相關漏洞威脅

CVE-2000-030010.0

The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywher...

CVE-2012-029010.0

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris...

CVE-2005-39347.8

Buffer overflow in Symantec pcAnywhere 11.0.1, 11.5.1, and all other 32-bit versions allows remote attackers to cause a denial of ...

CVE-2005-19707.2

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to exe...