CVE-2015-1484

2015-04-2210:59:00

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

9.5%

JSON

Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.

Affected configurations

Nvd

Node

symantecworkspace_streamingMatch6.1sp8

symantecworkspace_streamingMatch7.5sp1

VendorProductVersionCPE
symantecworkspace_streaming6.1cpe:2.3:a:symantec:workspace_streaming:6.1:sp8:*:*:*:*:*:*
symantecworkspace_streaming7.5cpe:2.3:a:symantec:workspace_streaming:7.5:sp1:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	workspace_streaming	6.1	cpe:2.3:a:symantec:workspace_streaming:6.1:sp8::::::
symantec	workspace_streaming	7.5	cpe:2.3:a:symantec:workspace_streaming:7.5:sp1::::::