๐ Symantec Endpoint Protection Manager 11/12 SAP XML Parser xml external entity reference
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability classified as critical has been found in Symantec Endpoint Protection Manager 11/12 (Anti-Malware Software). This affects an unknown functionality of the component SAP XML Parser. Upgrading to version 11.0 RU7-MP4a (11.0.7405.1424) or 12.1 RU4a (12.1.4023.4080) eliminates this vulnerability. The upgrade is hosted for download at symantec.flexnetoperations.com.It is possible to mitigate the weakness by firewalling tcp/9090 (http) / tcp/8443 (https). The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published immediately after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 13706. ...