Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Archiving and eDiscovery Community Blog

Enterprise Vault Security Advisory

Created: 02 Oct 2012 • Updated: 29 May 2014
Rob.Wilcox's picture
0 0 Votes
Login to vote

I just spotted this update on Cert's web site:


Essentially Enterprise Vault uses the Outside-In technology from Oracle to convert content to HTML (for indexing).  This technology from Oracle has a security vulnerability in it, which Oracle have fixed.

Symantec's response is in this post:

Symantec Response

Symantec has released an update to Symantec’s Enterprise Vault product suite to address these issues. Symantec recommends all Symantec Enterprise Vault product suite customers upgrade to Symantec Enterprise Vault 10.0.2 to address any possibility of threats of this nature.

Symantec Enterprise Vault 10.0.2 is currently available through normal update channels

It's another good reason to upgrade to Enterprise Vault 10.0.2