9.3

CVE-2007-2279

The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SymantecVeritas Storage Foundation Version5.0 Editionwindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.82% 0.922
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/36104
http://secunia.com/advisories/25537
Vendor Advisory
http://seer.entsupport.symantec.com/docs/288627.htm
http://www.securityfocus.com/archive/1/470562/100/0/threaded
http://www.securityfocus.com/bid/24194
http://www.securitytracker.com/id?1018188
http://www.symantec.com/avcenter/security/Content/2007.06.01.html
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2007/2035
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34680