Vulnerability Details CVE-2015-8154
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.049
EPSS Ranking 89.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/84344
- http://www.securitytracker.com/id/1035329
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160317_00
- http://www.securityfocus.com/bid/84344
- http://www.securitytracker.com/id/1035329
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160317_00
Products affected by CVE-2015-8154
-
cpe:2.3:a:symantec:endpoint_protection_manager:*