See here:
Symantec Endpoint Protection Manager CVE-2012-4348 Remote Code Execution Vulnerability
Symantec Endpoint Protection (SEP) Manager is prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary PHP code in the context of the application.
This issue is fixed in the following versions:
Symantec Endpoint Protection 11.0 RU7-MP3
Symantec Endpoint Protection 12.1 RU2
You need to upgrade to RU7 MP3 or 12.1 RU2
http://www.securityfocus.com/bid/56846/discuss