cnvd - cnvd-2016-11375

cnvd-2016-11375

Vulnerability from cnvd

Title: 多款Symantec产品DLL加载本地权限提升漏洞

Description:

Symantec IT Management Suite是款用于减少企业IT资产管理的成本和复杂度的套件。Symantec Ghost Solution Suite是解决了跨平台磁盘映像和部署需求。

多款Symantec产品存在DLL加载本地权限提升漏洞。本地攻击者可以利用漏洞在受影响的应用程序的上下文中执行任意代码。

Severity: 高

Patch Name: 多款Symantec产品DLL加载本地权限提升漏洞的补丁

Patch Description:

Symantec IT Management Suite是款用于减少企业IT资产管理的成本和复杂度的套件。

多款Symantec产品存在DLL加载本地权限提升漏洞。本地攻击者可以利用漏洞在受影响的应用程序的上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161115_00

Reference: http://www.securityfocus.com/bid/94279 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161115_00

Impacted products

Name
['Symantec IT Management Suite 8.0', 'Symantec Ghost Solution Suite 3.1', 'Symantec Endpoint Virtualization 7.x']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94279"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6590"
    }
  },
  "description": "Symantec IT Management Suite\u662f\u6b3e\u7528\u4e8e\u51cf\u5c11\u4f01\u4e1aIT\u8d44\u4ea7\u7ba1\u7406\u7684\u6210\u672c\u548c\u590d\u6742\u5ea6\u7684\u5957\u4ef6\u3002Symantec Ghost Solution Suite\u662f\u89e3\u51b3\u4e86\u8de8\u5e73\u53f0\u78c1\u76d8\u6620\u50cf\u548c\u90e8\u7f72\u9700\u6c42\u3002\r\n\r\n\u591a\u6b3eSymantec\u4ea7\u54c1\u5b58\u5728DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Himanshu Mehta",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11375",
  "openTime": "2016-11-22",
  "patchDescription": "Symantec IT Management Suite\u662f\u6b3e\u7528\u4e8e\u51cf\u5c11\u4f01\u4e1aIT\u8d44\u4ea7\u7ba1\u7406\u7684\u6210\u672c\u548c\u590d\u6742\u5ea6\u7684\u5957\u4ef6\u3002\r\n\r\n\u591a\u6b3eSymantec\u4ea7\u54c1\u5b58\u5728DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eSymantec\u4ea7\u54c1DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Symantec  IT Management Suite 8.0",
      "Symantec Ghost Solution Suite 3.1",
      "Symantec Endpoint Virtualization 7.x"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/94279\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-17",
  "title": "\u591a\u6b3eSymantec\u4ea7\u54c1DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

CVE-2016-6590 (GCVE-0-2016-6590)

Vulnerability from cvelistv5

Published

2020-01-08 15:43

Modified

2024-08-06 01:36

Severity ?

CWE

untrusted search path

Summary

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/94279	x_refsource_MISC
	http://www.securitytracker.com/id/1037302	x_refsource_MISC
	https://support.symantec.com/us/en/article.symsa1385.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Symantec

IT Management Suite

Version: 8.0 prior to 8.0 HF4 and 7.6 prior to 7.6 HF7

Symantec	Ghost Solution Suite	Version: 3.1 prior to 3.1 MP4
Symantec	Symantec Endpoint Virtualization	Version: 7.x prior to 7.6 HF
Symantec	Encryption Desktop	Version: 0.x prior to 10.4.1 Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:36:28.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94279"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037302"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.symantec.com/us/en/article.symsa1385.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IT Management Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
            }
          ]
        },
        {
          "product": "Ghost Solution Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "3.1 prior to 3.1 MP4"
            }
          ]
        },
        {
          "product": "Symantec Endpoint Virtualization",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "7.x  prior to 7.6 HF"
            }
          ]
        },
        {
          "product": "Encryption Desktop",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "0.x prior to 10.4.1"
            },
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "untrusted search path",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T15:43:33",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/bid/94279"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securitytracker.com/id/1037302"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.symantec.com/us/en/article.symsa1385.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2016-6590",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IT Management Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Ghost Solution Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.1 prior to 3.1 MP4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Symantec Endpoint Virtualization",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.x  prior to 7.6 HF"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Encryption Desktop",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.x prior to 10.4.1"
                          },
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "untrusted search path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.securityfocus.com/bid/94279",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/bid/94279"
            },
            {
              "name": "http://www.securitytracker.com/id/1037302",
              "refsource": "MISC",
              "url": "http://www.securitytracker.com/id/1037302"
            },
            {
              "name": "https://support.symantec.com/us/en/article.symsa1385.html",
              "refsource": "CONFIRM",
              "url": "https://support.symantec.com/us/en/article.symsa1385.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2016-6590",
    "datePublished": "2020-01-08T15:43:33",
    "dateReserved": "2016-08-03T00:00:00",
    "dateUpdated": "2024-08-06T01:36:28.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted