← Retour aux CVEs
CVE-2016-6593
HIGH7.8
Description
A code-execution vulnerability exists during startup in jhi.dll and otpiha.dll in Symantec VIP Access Desktop before 2.2.2, which could let local malicious users execute arbitrary code.
Details CVE
Score CVSS v3.17.8
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vecteur d'attaqueLOCAL
ComplexiteLOW
Privileges requisNONE
Interaction utilisateurREQUIRED
Publie1/8/2020
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0
Produits affectes
symantec:vip_access_desktop
Faiblesses (CWE)
CWE-426
References
http://packetstormsecurity.com/files/140098/Symantec-VIP-Access-Arbitrary-DLL-Execution.html(secure@symantec.com)
http://www.securityfocus.com/archive/1/539889/100/0/threaded(secure@symantec.com)
http://www.securityfocus.com/bid/94731(secure@symantec.com)
https://support.symantec.com/us/en/article.symsa1388.html(secure@symantec.com)
http://packetstormsecurity.com/files/140098/Symantec-VIP-Access-Arbitrary-DLL-Execution.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/539889/100/0/threaded(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/94731(af854a3a-2127-422b-91ae-364da2661108)
https://support.symantec.com/us/en/article.symsa1388.html(af854a3a-2127-422b-91ae-364da2661108)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.