Symantec Scan Engine 5.0.0.24, and possibly other versions before 5.1.0.7, uses a client-side check to verify a password, which allows remote attackers to gain administrator privileges via a modified client that sends certain XML requests.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Antivirus_scan_engine | Symantec | 5.0.0.24 (including) | 5.0.0.24 (including) |