Intrusion Prevention

Symantec.Endpoint.Protection.arbitrary.file.upload.Execution

Description

This indicates an attack attempt against a arbitrary file upload, and code execution vulnerability in Symantec Endpoint Protection.
The vulnerability is allows remote authenticated users to write to arbitrary files, with vulnerable application. A remote attacker can exploit this to obtain administrator privileges, via a crafted filename.

Affected Products

Symantec Endpoint Protection prior to 12.1-RU6-MP1

Impact

Remote attackers can upload an arbitrary file, and code execution on affecting Symantec Endpoint Protection Manager

Recommended Actions

If required, this signature's action can be set to "Block" to block this operation.

CVE References

CVE-2015-1487