Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2976

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-2976
Last Modified 02 Feb 2013 12:04:31
Published 23 Jul 2012 01:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2976

Summary

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.

Vulnerable Systems

Application

  • Symantec Web Gateway 5.0

  • Symantec Web Gateway 5.0.1

  • Symantec Web Gateway 5.0.2

  • Symantec Web Gateway 5.0.3


References

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20120720_00

BID - 54427

CONFIRM - http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00


Last Updated: 27 May 2016 10:54:57