CVE-2016-6593

Опубликовано: 08 янв. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code.

Ссылки

http://packetstormsecurity.com/files/140098/Symantec-VIP-Access-Arbitrary-DLL-Execution.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/539889/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/94731
Third Party Advisory
VDB Entry
https://support.symantec.com/us/en/article.symsa1388.html
Vendor Advisory
http://packetstormsecurity.com/files/140098/Symantec-VIP-Access-Arbitrary-DLL-Execution.html
Exploit
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/539889/100/0/threaded
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/94731
Third Party Advisory
VDB Entry
https://support.symantec.com/us/en/article.symsa1388.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:symantec:vip_access_desktop:*:*:*:*:*:*:*:*

Версия до 2.2.2 (исключая)

EPSS

Процентиль: 57%

0.00344

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-426

Связанные уязвимости

GHSA-7g77-97mx-6jpp

github

больше 3 лет назад