Vulnerabilities > CVE-2006-1286 - Information Disclosure vulnerability in Symantec Ghost Solutions Suite and Norton Ghost

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

symantec

NVD

Published: 2006-03-19

Updated: 2017-07-20

Summary

Buffer overflow in the login dialog in dbisqlc.exe in SQLAnywhere for Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, might allow local users to read certain sensitive information from the database. Update to Symantec Ghost 8.3 that is shipped as a part of Symantec Ghost Solutions Suite 1.1.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Ghost Solutions Suite 1.0 Symantec Norton Ghost 8.0 Symantec Norton Ghost 8.2	3

References

http://secunia.com/advisories/19171
http://securityresponse.symantec.com/avcenter/security/Content/2006.03.07.html
http://securitytracker.com/id?1015733
http://www.vupen.com/english/advisories/2006/0870
https://exchange.xforce.ibmcloud.com/vulnerabilities/25089