CVE-2015-1484

EPSS 0.07%
Veröffentlicht 22.04.2015 10:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secure@symantec.com
CVE-Watchlists
Login
Unerledigt
Login

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Symantec ≫ Workspace Streaming Version6.1 Updatesp8

Symantec ≫ Workspace Streaming Version7.5 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.211

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/bid/73925

http://www.securitytracker.com/id/1032133

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150410_00

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2015-1484

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-1484

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-1484

EUVD