Symantec was notified of a DLL loading issue impacting the Symantec ITMS, GSS, and SEV products. An authorized but non-privileged user could potentially leverage this issue to execute arbitrary code with elevated privileges on the system. Ultimately, this problem is caused by a failure to use an absolute path when loading DLLs during product boot up/reboot
upgrade to 7.6 HF7 or above.
Symantec engineers verified this finding and have resolved it in the product upgrades indicated as SWV upgrade. . Product Updates are available through normal customer locations.
Customers should apply these upgrades to avoid potential incidents of this nature.
Symantec is not aware of exploitation of or adverse customer impact from this issue.
Subscribing will provide email updates when this Article is updated. Login is required.