Vulnerabilities > Symantec > Ghost Solutions Suite > 1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-09-20 | CVE-2015-5689 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Deployment Solution and Ghost Solutions Suite ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image. | 6.8 |
2008-02-08 | CVE-2008-0640 | Improper Authentication vulnerability in Symantec Ghost Solutions Suite 1.1/2.0.0/2.0.1 Symantec Ghost Solution Suite 1.1 before 1.1 patch 2, 2.0.0, and 2.0.1 does not authenticate connections between the console and the Ghost Management Agent, which allows remote attackers to execute arbitrary commands via unspecified RPC requests in conjunction with ARP spoofing. | 10.0 |