CVE-2005-1970

Description

Symantec pcAnywhere 10.5x and 11.x before 11.5, with "Launch with Windows" enabled, allows local users with physical access to execute arbitrary commands via the Caller Properties feature.

Affected products

• Symantec / pcanywhere8.0.1 – 8.0.1
• Symantec / pcanywhere8.0.2 – 8.0.2
• Symantec / pcanywhere9.0 – 9.0
• Symantec / pcanywhere9.0.1 – 9.0.1
• Symantec / pcanywhere9.2 – 9.2
• Symantec / pcanywhere10.0 – 10.0
• Symantec / pcanywhere10.5 – 10.5
• Symantec / pcanywhere11.0 – 11.0

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/15673
• MISChttp://www.securityfocus.com/bid/13933
• MISChttp://securitytracker.com/id?1014178
• MISChttp://securityresponse.symantec.com/avcenter/security/Content/2005.06.10.html