cbcvebase.
CVE-2011-3479
published 2012-01-25

CVE-2011-3479: Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions…

PriorityP427medium6.8CVSS 2.0
AVLACLAuSCCICAC
EXPLOIT
EPSS
1.06%
60.4th percentile
Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.

Affected

4 ranges
VendorProductVersion rangeFixed in
symantecpcanywhere
symantecpcanywhere
symantecpcanywhere
symantecpcanywhere
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.