CVE-2012-0290 | Vulnerability Database | Aqua Security

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an open client session.

Affected Software

Name	Vendor	Start Version	End Version
Pcanywhere	Symantec	*	12.5.3 (including)
Pcanywhere	Symantec	5.0 (including)	5.0 (including)
Pcanywhere	Symantec	8.0 (including)	8.0 (including)
Pcanywhere	Symantec	9.2 (including)	9.2 (including)
Pcanywhere	Symantec	10.5 (including)	10.5 (including)
Pcanywhere	Symantec	11.5 (including)	11.5 (including)
Pcanywhere	Symantec	11.5.1 (including)	11.5.1 (including)
Pcanywhere	Symantec	12.1 (including)	12.1 (including)
Pcanywhere	Symantec	12.5-sp1 (including)	12.5-sp1 (including)
Pcanywhere	Symantec	12.5-sp2 (including)	12.5-sp2 (including)
Pcanywhere	Symantec	12.5-sp3 (including)	12.5-sp3 (including)
Pcanywhere	Symantec	12.5.265 (including)	12.5.265 (including)

References

http://secunia.com/advisories/48092
http://www.securityfocus.com/bid/51862
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00
https://exchange.xforce.ibmcloud.com/vulnerabilities/72996
http://secunia.com/advisories/48092
http://www.securityfocus.com/bid/51862
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120124_00
https://exchange.xforce.ibmcloud.com/vulnerabilities/72996

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-0290
CWE	https://cwe.mitre.org/data/definitions/.html