CVE-2012-0291: Input Validation
First published: Wed Feb 22 2012(Updated: )
Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec pcAnywhere | <=12.5 | |
| Symantec pcAnywhere | =10.0 | |
| Symantec pcAnywhere | =10.5 | |
| Symantec pcAnywhere | =11.0 | |
| Symantec pcAnywhere | =11.0.1 | |
| Symantec pcAnywhere | =11.5 | |
| Symantec pcAnywhere | =11.5.1 | |
| Symantec pcAnywhere | =12.0 | |
| Symantec pcAnywhere | =12.0.1 | |
| Symantec pcAnywhere | =12.0.2 | |
| Symantec pcAnywhere | =12.0.3 | |
| Symantec pcAnywhere | =12.1 | |
| Symantec pcAnywhere | =12.5 | |
| Symantec pcAnywhere | =12.5-sp1 | |
| Symantec pcAnywhere | =12.5-sp2 | |
| Symantec pcAnywhere | =12.5.3 | |
| Symantec pcAnywhere | =12.5.265 | |
| Symantec pcAnywhere | =12.5.539 | |
| Symantec Altiris Client Management Suite | =7.0 | |
| Symantec Altiris Deployment Solution | =7.1 | |
| Symantec Altiris Client Management Suite | =7.0 | |
| Symantec Altiris Client Management Suite | =7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0291?
CVE-2012-0291 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2012-0291?
To fix CVE-2012-0291, upgrade to the latest patched version of Symantec pcAnywhere or apply the necessary security updates.
What versions of Symantec pcAnywhere are affected by CVE-2012-0291?
CVE-2012-0291 affects multiple versions of Symantec pcAnywhere including versions up to 12.5.3.
Is CVE-2012-0291 described in any security advisories?
Yes, CVE-2012-0291 is detailed in various security advisories and reports regarding its vulnerabilities.
What impacts can CVE-2012-0291 have on affected systems?
CVE-2012-0291 can lead to unauthorized remote access and control over affected systems, posing a significant security risk.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/symantec
- canonical/symantec pcanywhere
- version/symantec pcanywhere/12.5
- version/symantec pcanywhere/10.0
- version/symantec pcanywhere/10.5
- version/symantec pcanywhere/11.0
- version/symantec pcanywhere/11.0.1
- version/symantec pcanywhere/11.5
- version/symantec pcanywhere/11.5.1
- version/symantec pcanywhere/12.0
- version/symantec pcanywhere/12.0.1
- version/symantec pcanywhere/12.0.2
- version/symantec pcanywhere/12.0.3
- version/symantec pcanywhere/12.1
- version/symantec pcanywhere/12.5-sp1
- version/symantec pcanywhere/12.5-sp2
- version/symantec pcanywhere/12.5.3
- version/symantec pcanywhere/12.5.265
- version/symantec pcanywhere/12.5.539
- canonical/symantec altiris client management suite
- version/symantec altiris client management suite/7.0
- canonical/symantec altiris deployment solution
- version/symantec altiris deployment solution/7.1
- version/symantec altiris client management suite/7.1