Unrated severityNVD Advisory· Published Mar 18, 2009· Updated Apr 23, 2026
CVE-2009-0538
CVE-2009-0538
Description
Format string vulnerability in Symantec pcAnywhere before 12.5 SP1 allows local users to read and modify arbitrary memory locations, and cause a denial of service (application crash) or possibly have unspecified other impact, via format string specifiers in the pathname of a remote control file (aka .CHF file).
Affected products
9cpe:2.3:a:symantec:pcanywhere:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:symantec:pcanywhere:*:*:*:*:*:*:*:*range: <=12.5
- cpe:2.3:a:symantec:pcanywhere:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:10.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:11.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:12.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:pcanywhere:12.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- securityresponse.symantec.com/avcenter/security/Content/2009.03.17.htmlnvdPatchVendor Advisory
- www.layereddefense.com/pcanywhere17mar.htmlnvdVendor Advisory
- osvdb.org/52797nvd
- secunia.com/advisories/34305nvd
- securitytracker.com/idnvd
- www.securityfocus.com/archive/1/501930/100/0/threadednvd
- www.securityfocus.com/bid/33845nvd
- www.vupen.com/english/advisories/2009/0755nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49291nvd
News mentions
0No linked articles in our index yet.