World-writable permissions in Symantec pcAnywhere and IT Management Suite allow local privilege escalation

World-writable permissions in Symantec pcAnywhere and IT Management Suite allow local privilege escalation

CVE-2011-3479 · MEDIUM Severity

AV:L/AC:L/AU:S/C:C/I:C/A:C

Symantec pcAnywhere 12.5.x through 12.5.3, and IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), uses world-writable permissions for product-installation files, which allows local users to gain privileges by modifying a file.

Learn more about our User Device Pen Test.