CVE Vulnerabilities

CVE-2007-3021

Published: Jun 05, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, does not initialize a critical variable, which allows attackers to create arbitrary executable files via unknown manipulations of a file that is created during data export.

Affected Software

Name Vendor Start Version End Version
Client_security Symantec 3.1 (including) 3.1 (including)
Client_security Symantec 3.1.394 (including) 3.1.394 (including)
Client_security Symantec 3.1.396 (including) 3.1.396 (including)
Client_security Symantec 3.1.400 (including) 3.1.400 (including)
Client_security Symantec 3.1.401 (including) 3.1.401 (including)
Norton_antivirus Symantec 10.0.2.2021 (including) 10.0.2.2021 (including)
Norton_antivirus Symantec 10.1 (including) 10.1 (including)
Norton_antivirus Symantec 10.1.396 (including) 10.1.396 (including)
Norton_antivirus Symantec 10.1.400 (including) 10.1.400 (including)
Norton_antivirus Symantec 10.1.401 (including) 10.1.401 (including)
Reporting_server Symantec * 1.0.197.0 (including)

References