Vulnerability: Information Disclosure via Symantec PowerQuest DeployCenter 5.5 Boot Disks

Vulnerability: Information Disclosure via Symantec PowerQuest DeployCenter 5.5 Boot Disks

CVE-2004-2609 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The stuffit.com executable on Symantec PowerQuest DeployCenter 5.5 boot disks allows local users to obtain sensitive information (an unencrypted password for a Windows domain account) via four "stuffit /f:stuffit.dat" invocations, possibly due to a buffer overflow.

Learn more about our User Device Pen Test.