Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2005 > Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Privilege

August 2005

Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Privilege

ID: 00734
Ref: 681/2005
Date: 26 August 2005:13:09:34
Version: 1
Title: Symantec AntiVirus Corporate Edition 9.0 and Symantec Client Security 2.0 Help File Elevation of Privilege
Abstract: Details of a new vulnerability released by Symantec
Vendors affected: Symantec
Operating systems affected: Symantec
Applications affected: Symantec
A vulnerability has been identified in the Symantec AntiVirus Corporate Edition
HTML client help function that uses HTML help, the Windows help interface, to
provide support to the client user.

A non-privileged client user can manipulate the help function to access files
on the system with local SYSTEM privileges.

Further details can be found at:
http://securityresponse.symantec.com/avcenter/security/Content/2005.08.24.html
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |