10
CVE-2007-2375
- EPSS 5.58%
- Veröffentlicht 30.04.2007 23:19:00
- Zuletzt bearbeitet 16.06.2026 22:39:27
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Enterprise Security Manager Version5.5.3
Symantec ≫ Enterprise Security Manager Version6.0
Symantec ≫ Enterprise Security Manager Version6.5
Symantec ≫ Enterprise Security Manager Version6.5.1
Symantec ≫ Enterprise Security Manager Version6.5.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.58% | 0.919 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/24767
http://www.securityfocus.com/bid/23287
http://www.securitytracker.com/id?1017881
http://www.symantec.com/avcenter/security/Content/2007.04.05d.html
http://www.vupen.com/english/advisories/2007/1277