CVE-2012-0290

First published: Mon Feb 06 2012(Updated: )

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) do not properly handle the client state after abnormal termination of a remote session, which allows remote attackers to obtain access to the client by leveraging an "open client session."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Symantec pcAnywhere	<=12.5.3
Symantec pcAnywhere	=5.0
Symantec pcAnywhere	=8.0
Symantec pcAnywhere	=9.2
Symantec pcAnywhere	=10.5
Symantec pcAnywhere	=11.5
Symantec pcAnywhere	=11.5.1
Symantec pcAnywhere	=12.1
Symantec pcAnywhere	=12.5-sp1
Symantec pcAnywhere	=12.5-sp2
Symantec pcAnywhere	=12.5-sp3
Symantec pcAnywhere	=12.5.265
Symantec pcAnywhere	=12.5
Symantec pcAnywhere	=12.5.539
Symantec pcAnywhere	=12.6.65
Symantec pcAnywhere	=12.6.7580
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.5
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.5-sp1
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.5-sp2
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.6
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.6-sp1
Symantec Altiris Client Management Suite Pcanywhere Solution	=12.6-sp2
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.5
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.5-sp1
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.5-sp2
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.6
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.6-sp1
Symantec Altiris Deployment Solution Remote Pcanywhere Solution	=12.6-sp2

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/references
agent/severity
agent/author
agent/description
agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/symantec
canonical/symantec pcanywhere
version/symantec pcanywhere/12.5.3
version/symantec pcanywhere/5.0
version/symantec pcanywhere/8.0
version/symantec pcanywhere/9.2
version/symantec pcanywhere/10.5
version/symantec pcanywhere/11.5
version/symantec pcanywhere/11.5.1
version/symantec pcanywhere/12.1
version/symantec pcanywhere/12.5-sp1
version/symantec pcanywhere/12.5-sp2
version/symantec pcanywhere/12.5-sp3
version/symantec pcanywhere/12.5.265
version/symantec pcanywhere/12.5
version/symantec pcanywhere/12.5.539
version/symantec pcanywhere/12.6.65
version/symantec pcanywhere/12.6.7580
canonical/symantec altiris client management suite pcanywhere solution
version/symantec altiris client management suite pcanywhere solution/12.5
version/symantec altiris client management suite pcanywhere solution/12.5-sp1
version/symantec altiris client management suite pcanywhere solution/12.5-sp2
version/symantec altiris client management suite pcanywhere solution/12.6
version/symantec altiris client management suite pcanywhere solution/12.6-sp1
version/symantec altiris client management suite pcanywhere solution/12.6-sp2
canonical/symantec altiris deployment solution remote pcanywhere solution
version/symantec altiris deployment solution remote pcanywhere solution/12.5
version/symantec altiris deployment solution remote pcanywhere solution/12.5-sp1
version/symantec altiris deployment solution remote pcanywhere solution/12.5-sp2
version/symantec altiris deployment solution remote pcanywhere solution/12.6
version/symantec altiris deployment solution remote pcanywhere solution/12.6-sp1
version/symantec altiris deployment solution remote pcanywhere solution/12.6-sp2

CVE-2012-0290

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact