Microsoft Windows Unquoted Service Path vulnerability on DLP services
Article ID: 233113
Updated On:
Products
Data Loss Prevention Enterprise Suite
Issue/Introduction
Symantec DLP is flagged for the following vulnerabilities
CVE-2013-1609, CVE-2014-0759, CVE-2014-5455
Environment
Release : 15.7
Resolution
Issue is specific to DLP 15.7. The registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[Service_Name] ImagePath key value has spaces in the path and isn't in double quotes. This key just needs to have double quotes around the service path.
Feedback
Yes
No
Powered by
