Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-7286

CWE-119 — Buffer Overflow4 documents4 sources

Severity

7.2HIGH

EPSS

0.8%

top 26.20%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Deployment Solution

Timeline

PublishedDec 22

Latest updateMay 14

Description

Buffer overflow in AClient in Symantec Deployment Solution 6.9 and earlier on Windows XP and Server 2003 allows local users to gain privileges via unspecified vectors.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDsymantec/deployment_solution6.9

🔴Vulnerability Details

GHSA

GHSA-5hr7-x628-f96j: Buffer overflow in AClient in Symantec Deployment Solution 6↗2022-05-14

▶

CVEList

CVE-2014-7286: Buffer overflow in AClient in Symantec Deployment Solution 6↗2014-12-22

▶

💥Exploits & PoCs

Exploit-DB

Symantec Altiris Agent 6.9 (Build 648) - Local Privilege Escalation↗2015-02-01

▶