Rapid7 Vulnerability & Exploit Database

Vulnerable version of pcAnywhere software

Back to Search

Vulnerable version of pcAnywhere software

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
01/27/2012
Created
07/25/2018
Added
12/05/2014
Modified
03/18/2015

Description

Applies to versions below 12.5.5

Symantec pcAnywhere is susceptible to local file tampering elevation of privilege attempts and remote code execution attempts. It is possible to run arbitrary code on a targeted system in the context of the application which is normally System. Symantec pcAnywhere is also susceptible to access violation and input instability issues that could potentially prevent fully closing a remote client connection or result in a server or client denial of service.Symantec pcAnywhere is susceptible to local file tampering elevation of privilege attempts and remote code execution attempts. It is possible to run arbitrary code on a targeted system in the context of the application which is normally System. Symantec pcAnywhere is also susceptible to access violation and input instability issues that could potentially prevent fully closing a remote client connection or result in a server or client denial of service.

Solution(s)

  • pcanywhere-upgrade-to-latest-version

References

  • pcanywhere-upgrade-to-latest-version

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;