CVE-2012-4350

EUVD-2012-4293
Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 21%
Affected Products (NVD)
VendorProductVersion
symantecenterprise_security_manager
𝑥
≤ 10.0
symantecenterprise_security_manager
6.0
symantecenterprise_security_manager
6.5
symantecenterprise_security_manager
6.5.0
symantecenterprise_security_manager
6.5.1
symantecenterprise_security_manager
6.5.2
symantecenterprise_security_manager
6.5.3
symantecenterprise_security_manager
9.0
symantecenterprise_security_manager
9.0.1
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/56915
http://www.securitytracker.com/id?1027874
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121213_00
http://www.securityfocus.com/bid/56915
http://www.securitytracker.com/id?1027874
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121213_00