CVE-2013-1609

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.

medium 6.8 CVSS 2.0

Published: Mar 26, 2013

Modified: Apr 29, 2026

Vendor: Symantec

Product: Enterprise Vault For File System Archiving

Versions: 10.0.0

Description

Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.

References

http://www.securityfocus.com/bid/58617
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00
http://www.securityfocus.com/bid/58617
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130321_00

CVSS Breakdown

Version	2.0
Score	6.8 / 10
Severity	medium

Vector

AV:L/AC:L/Au:S/C:C/I:C/A:C

Affected Product

Vendor	Symantec
Product	Enterprise Vault For File System Archiving
Versions	10.0.0