Untrusted search path vulnerability in Symantec System Recovery and Backup Exec System RecoveryID: oval:org.secpod.oval:def:6416 | Date: (C)2012-07-26 (M)2021-07-09 |
Class: VULNERABILITY | Family: windows |
The host is installed with Symantec System Recovery 2011 before SP2 or Backup Exec System Recovery 2010 before SP5 and is prone to untrusted search path vulnerability. A flaw is present in the application, which fails to handle a Trojan horse DLL in the current working directory. Successful exploitation allows local users to gain privileges.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Symantec Backup Exec System Recovery |
Symantec System Recovery |