First published: Mon Apr 16 2018(Updated: )
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
Credit: secure@symantec.com
Affected Software | Affected Version | How to fix |
---|---|---|
Symantec Endpoint Protection | <=14.0 | |
Symantec Endpoint Protection | =12.1.6-mp7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2016-9094.
The title of this vulnerability is 'Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended pr…'
The severity rating of CVE-2016-9094 is high with a value of 7.8.
Symantec Endpoint Protection versions 14.0 and 12.1.6-mp7 are affected by CVE-2016-9094.
Upgrade to Symantec Endpoint Protection 14.0 MP1 or 12.1 RU6 MP7 to fix CVE-2016-9094.