OSVDB ID: 86151

Title: Symantec Ghost Solution Suite Backup File Handling Memory Corruption

Info

Disclosure

Oct 10, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Oct 10, 2012

Description

A memory corruption flaw exists in Symantec Ghost Solution Suite. The program fails to sanitize user-supplied input during the handling of a backup file resulting in memory corruption. With a specially crafted backup file, a context-dependent attacker can execute arbitrary code.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Security Software

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section.

Products

Symantec Corporation

Symantec Ghost Solution Suite

2.1
2.0.2
2.0.1
2.0
2.5.1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/86151