The host is installed with Symantec Endpoint Manager 11.0 RU6 before 11.0 RU7 MP1 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to handle a crafted script. Successful exploitation could allow local users to gain privileges.