Main Vulnerability Database SB2016071107

SB2016071107 - Directory traversal in Symantec Workspace Virtualization

Published: July 11, 2016 Updated: July 12, 2020

Security Bulletin ID SB2016071107

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Directory traversal (CVE-ID: CVE-2016-2205)

The vulnerability allows a remote attacker to obtain files on the target system.

The vulnerability exists due to improper control access to the configuration tool download file. A remote authenticated attacker can access the file and modify the file to view certain application file types on the target system.

Successful exploitation of this vulnerability may result in disclosure of system information.

Remediation

Install update from vendor's website.

References

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160707_00