Vulnerabilities > CVE-2007-2375 - Remote Upgrade Remote Code Execution vulnerability in Symantec Enterprise Security Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The agent remote upgrade interface in Symantec Enterprise Security Manager (ESM) before 20070405 does not verify the authenticity of upgrades, which allows remote attackers to execute arbitrary code via software that implements the agent upgrade protocol.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |