CVE-2018-12244

Summary

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationSymantec Endpoint Protection (Mac Client)Prior to and including 12.1 RU6 MP9affected
Symantec CorporationSymantec Endpoint Protection (Mac Client)Prior to 14.2 RU1affected

Weaknesses

  • CSV/DDE Injection

ADP Enrichment

CVE Program Container

Additional References

References