Vulnerabilities > CVE-2018-12244 - Improper Neutralization of Formula Elements in a CSV File vulnerability in Symantec Endpoint Protection
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 48 |