Full Disclosure

SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection

Leave a comment

Posted by SEC Consult Vulnerability Lab on Nov 06

SEC Consult Vulnerability Lab Security Advisory < 20141106-0 >
=======================================================================
title: XXE & XSS & Arbitrary File Write vulnerabilities
product: Symantec Endpoint Protection
vulnerable version: 12.1.4023.4080
fixed version: 12.1.5 (RU 5)
impact: Critical
CVE number: CVE-2014-3437, CVE-2014-3438, CVE-2014-3439…

Leave a Reply