|
|
|
|
| |
Credit:
The original article can be found at: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0553
The original article can be found at: http://www.securityfocus.com/bid/49738
|
| |
Vulnerable Systems:
* Symantec IM Manager 8.4.16
* Symantec IM Manager 8.4.15
* Symantec IM Manager 8.4.15
* Symantec IM Manager 8.4.13
* Symantec IM Manager 8.4.12
* Symantec IM Manager 8.4.11
* Symantec IM Manager 8.4.10
* Symantec IM Manager 8.4.9
* Symantec IM Manager 8.4.8
* Symantec IM Manager 8.4.7
* Symantec IM Manager 8.4.6
* Symantec IM Manager 8.4.5
* Symantec IM Manager 8.4.5
* Symantec IM Manager 8.4.2
* Symantec IM Manager 8.4.1
* Symantec IM Manager 8.4.17
* Symantec IM Manager 8.4.0
* Symantec IM Manager 8.4
Symantec IM Manager is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
A successful exploit can allow an attacker to compromise the application, access or modify data, or exploit latent vulnerability in the underlying database.
Vendor Status:
Symantec as issued an update for this vulnerablity
Patch Availability:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00
CVE Information:
CVE-2011-0553
|
|
|
|
|
