CVE-2013-5011

Published: Jan 10, 2014Modified: Apr 29, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.

Affected (24)

Products: Symantec: Endpoint Protection

Symantec

1 product

Endpoint Protection

Configuration A

24 vulnerable

Vulnerable Software	Affected Versions
Symantec Endpoint Protection	Up to 11.0.7.3
Symantec Endpoint Protection	Version 11.0.1
Symantec Endpoint Protection	Version 11.0.1 mp1
Symantec Endpoint Protection	Version 11.0.1 mp2
Symantec Endpoint Protection	Version 11.0.2
Symantec Endpoint Protection	Version 11.0.2 mp1
Symantec Endpoint Protection	Version 11.0.2 mp2
Symantec Endpoint Protection	Version 11.0.3001
Symantec Endpoint Protection	Version 11.0.4
Symantec Endpoint Protection	Version 11.0.4 mp1a
Symantec Endpoint Protection	Version 11.0.4 mp2
Symantec Endpoint Protection	Version 11.0.6000
Symantec Endpoint Protection	Version 11.0.6100
Symantec Endpoint Protection	Version 11.0.6200.754
Symantec Endpoint Protection	Version 11.0.6200
Symantec Endpoint Protection	Version 11.0.6300
Symantec Endpoint Protection	Version 11.0.7000
Symantec Endpoint Protection	Version 11.0.7100
Symantec Endpoint Protection	Version 11.0
Symantec Endpoint Protection	Version 11.0 ru5
Symantec Endpoint Protection	Version 11.0 ru6
Symantec Endpoint Protection	Version 11.0 ru6a
Symantec Endpoint Protection	Version 11.0 ru6mp1
Symantec Endpoint Protection	Version 11.0 ru6mp2