CVE-2012-0291

Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/48092
http://www.securityfocus.com/bid/51965
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00	Vendor Advisory
http://secunia.com/advisories/48092
http://www.securityfocus.com/bid/51965
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:pcanywhere::sp3::::::*
	cpe:2.3:a:symantec:pcanywhere:10.0:::::::*
	cpe:2.3:a:symantec:pcanywhere:10.5:::::::*
	cpe:2.3:a:symantec:pcanywhere:11.0:::::::*
	cpe:2.3:a:symantec:pcanywhere:11.0.1:::::::*
	cpe:2.3:a:symantec:pcanywhere:11.5:::::::*
	cpe:2.3:a:symantec:pcanywhere:11.5.1:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.0:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.0.1:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.0.2:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.0.3:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.1:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.5:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.5:sp1::::::
	cpe:2.3:a:symantec:pcanywhere:12.5:sp2::::::
	cpe:2.3:a:symantec:pcanywhere:12.5.3:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.5.265:::::::*
	cpe:2.3:a:symantec:pcanywhere:12.5.539:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:7.0:::::::*
	cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:7.1:::::::*
	cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.0:::::::*
	cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.1:::::::*

History

21 Nov 2024, 01:34

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/48092 -~~	() http://secunia.com/advisories/48092 -
References	~~() http://www.securityfocus.com/bid/51965 -~~	() http://www.securityfocus.com/bid/51965 -
References	~~() http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 - Vendor Advisory~~	() http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00 - Vendor Advisory

Information

Published : 2012-02-22 13:54

Updated : 2025-04-11 00:51

NVD link : CVE-2012-0291

Mitre link : CVE-2012-0291

CVE.ORG link : CVE-2012-0291

JSON object : View

Products Affected

symantec

pcanywhere
altiris_deployment_solution_remote_pcanywhere_solution
altiris_client_management_suite_pcanywhere_solution
altiris_it_management_suite_pcanywhere_solution

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2012-0291", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-02-22T13:54:02.193", "references": [{"url": "http://secunia.com/advisories/48092", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/51965", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/48092", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/51965", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (application crash or hang) via (1) malformed data from a client, (2) malformed data from a server, or (3) an invalid response."}, {"lang": "es", "value": "Symantec pcAnywhere hasta la v12.5.3, Altiris IT Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (\u00f3 v12.6.x), Altiris Altiris Client Management Suite pcAnywhere Solution v7.0 (tambi\u00e9n conocido como v12.5.x) y v7.1 (\u00f3 v12.6.x) y Altiris Deployment Solution Remote pcAnywhere Solution v7.1 (tambi\u00e9n conocido como v12.5.x y v12.6.x) permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda o bloqueo de la aplicaci\u00f3n) a trav\u00e9s de (1) datos con formato incorrecto de un cliente, (2) de datos con formato incorrecto de un servidor, o (3) una respuesta no v\u00e1lida."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:pcanywhere:*:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "439DFE25-7834-4E70-AB3A-47CC76528281", "versionEndIncluding": "12.5"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DAB70F5-1B1B-426B-A1F9-6D91D0A160B2"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F0A6A97-1EFF-41C0-AAAA-B357C4C801F4"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "014AA70B-942F-4ADE-9EEF-4F5204438268"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0BF0A19-0AAD-44B2-9B51-85A985CC40A4"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A496D973-4BC8-4377-8C84-8F2CB281AEE1"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FF752E6-45B4-4D6D-90F8-AA69DB5C2775"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B13E1710-1723-4A52-ACDC-7FC511467152"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87DBE939-A827-4B90-A618-AA5A044D74E3"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D33DDEF5-032D-4AC2-BBCD-6E3D1E06BA1F"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16E976A6-625C-4B20-B1F1-429A6902BEF4"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECE0E3DD-23F9-4ACD-BF9D-986CE5232D4E"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "067CAB0F-D513-4A70-B6C6-06EE290A2F6F"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39F3C225-B890-47BB-9898-0EFEC969B74D"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4C296DE-5385-4C59-8824-B1695D38C332"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3CA1694-B60F-418A-981D-2393BD74E288"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.265:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE75BA8C-3E29-45CC-BD06-E504513A55AD"}, {"criteria": "cpe:2.3:a:symantec:pcanywhere:12.5.539:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9C845AC-3C09-4676-964F-644A01D133CE"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:altiris_client_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "068FE96E-DEB9-4AEA-8A5B-9152B75E0C7E"}, {"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution_remote_pcanywhere_solution:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5503E846-7BB7-4B05-B234-609167B443C3"}, {"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2E8464B-ACB2-4DB7-A0CF-EBF5FC5997A4"}, {"criteria": "cpe:2.3:a:symantec:altiris_it_management_suite_pcanywhere_solution:7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D9A6CB3-92E5-40CA-9E00-5C05F478C56C"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

5.0 /10