cvelistv5 - cve-2016-6590

CVE-2016-6590 (GCVE-0-2016-6590)

Vulnerability from cvelistv5

Published

2020-01-08 15:43

Modified

2024-08-06 01:36

Severity ?

CWE

untrusted search path

Summary

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

References

URL

Tags

	http://www.securityfocus.com/bid/94279	x_refsource_MISC
	http://www.securitytracker.com/id/1037302	x_refsource_MISC
	https://support.symantec.com/us/en/article.symsa1385.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Symantec

IT Management Suite

Version: 8.0 prior to 8.0 HF4 and 7.6 prior to 7.6 HF7

Symantec	Ghost Solution Suite	Version: 3.1 prior to 3.1 MP4
Symantec	Symantec Endpoint Virtualization	Version: 7.x prior to 7.6 HF
Symantec	Encryption Desktop	Version: 0.x prior to 10.4.1 Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:36:28.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94279"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037302"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.symantec.com/us/en/article.symsa1385.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IT Management Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
            }
          ]
        },
        {
          "product": "Ghost Solution Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "3.1 prior to 3.1 MP4"
            }
          ]
        },
        {
          "product": "Symantec Endpoint Virtualization",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "7.x  prior to 7.6 HF"
            }
          ]
        },
        {
          "product": "Encryption Desktop",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "0.x prior to 10.4.1"
            },
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "untrusted search path",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T15:43:33.000Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/bid/94279"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securitytracker.com/id/1037302"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.symantec.com/us/en/article.symsa1385.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2016-6590",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IT Management Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Ghost Solution Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.1 prior to 3.1 MP4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Symantec Endpoint Virtualization",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.x  prior to 7.6 HF"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Encryption Desktop",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.x prior to 10.4.1"
                          },
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "untrusted search path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.securityfocus.com/bid/94279",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/bid/94279"
            },
            {
              "name": "http://www.securitytracker.com/id/1037302",
              "refsource": "MISC",
              "url": "http://www.securitytracker.com/id/1037302"
            },
            {
              "name": "https://support.symantec.com/us/en/article.symsa1385.html",
              "refsource": "CONFIRM",
              "url": "https://support.symantec.com/us/en/article.symsa1385.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2016-6590",
    "datePublished": "2020-01-08T15:43:33.000Z",
    "dateReserved": "2016-08-03T00:00:00.000Z",
    "dateUpdated": "2024-08-06T01:36:28.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2016-AVI-380

Vulnerability from certfr_avis

Une vulnérabilité a été corrigée dans les produits Symantec. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec IT Management Suite 8.0 (ITMS) sans le correctif de sécurité HF4
Symantec	N/A	Symantec Endpoint Virtualization (SEV) versions 7.x antérieures à 7.6 HF7
Symantec	N/A	Symantec Ghost Solution Suite 3.1 (GSS) sans le correctif de sécurité MP4

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted