Symantec.EndpointProtection.NetworkAccessControl.Code.Execution
Description
This indicates an attack attempt against a Code Execution vulnerability in Symantec Endpoint Protection and Symantec Network Access Control.
The vulnerability is caused by inadequate boundary and error checking within one of the code functions. It allows a remote attacker to execute arbitrary code via unauthorized accessing or enticing legitimate user to download malicious content or visit a malicious site.
Affected Products
Symantec Endpoint Protection(Management Console) 11.0 RU6(11.0.600x)
Symantec Endpoint Protection(Management Console) 11.0 RU6-MP1(11.0.6100)
Symantec Endpoint Protection(Management Console) 11.0 RU6-MP2(11.0.6200)
Symantec Endpoint Protection(Management Console) 11.0 RU6-MP3(11.0.6300)
Symantec Endpoint Protection(Management Console) 11.0 RU7(11.0.700x)
Symantec Endpoint Protection(Management Console) 11.0 RU7-MP1(11.0.710x)
Symantec Network Access Control(Management Console)11.0 RU6(11.0.600x)
Symantec Network Access Control(Management Console)11.0 RU6-MP1(11.0.6100)
Symantec Network Access Control(Management Console)11.0 RU6-MP2(11.0.6200)
Symantec Network Access Control(Management Console)11.0 RU6-MP3(11.0.6300)
Symantec Network Access Control(Management Console)11.0 RU7(11.0.700x)
Symantec Network Access Control(Management Console)11.0 RU7-MP1(11.0.710x)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_01
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |