This host is installed with Symantec Enterprise Security Manager/Agent and is prone to local privilege escalation vulnerability.

Successful exploitation could allow local users to gain privileges via unspecified vectors. Impact Level: Application

Upgrade to Symantec Enterprise Security Manager version 11.0 or later Or apply the patch SU44 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121213_00 ***** NOTE: Ignore this warning if patch is applied already. For patch refer to http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=esm&pvid=su&year=&suid=20121207_00 *****

An unquoted Windows search path flaw exists in ESM Manager and Agents.

Symantec Enterprise Security Manager versions 10.x and prior Symantec Enterprise Security Manager Agents versions 10.x and prior

• http://securitytracker.com/id?1027874
• http://www.osvdb.org/88465
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121213_00
• http://xforce.iss.net/xforce/xfdb/80722

---

Updated on 2015-03-25