CVE-2012-4349 - Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2

CVE-2012-4349

Summary

Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:symantec:network_access_control:12.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:network_access_control:12.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:network_access_control:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:network_access_control:12.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:network_access_control:12.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:network_access_control:12.1.1.1:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 11-10-2013 - 14:26)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	56847
confirm	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00
sectrack	1027864

Last major update

11-10-2013 - 14:26

Published

11-12-2012 - 12:18

Last modified

11-10-2013 - 14:26