T-693: Symantec Endpoint Protection Manager Input Validation Hole Permits Cross-Site Scripting and Cross-Site Request Forgery Attacks

August 15, 2011 - 3:42pm

PROBLEM:

Two vulnerabilities were reported in Symantec Endpoint Protection Manager. A remote user can conduct cross-site scripting attacks. A remote user can conduct cross-site request forgery attacks.

PLATFORM:

Version(s): 11.0 RU6 (11.0.600x), 11.0 RU6-MP1 (11.0.6100), 11.0 RU6-MP2 (11.0.6200), 11.0 RU6-MP3 (11.0.6300)

ABSTRACT:

Symantec Endpoint Protection Manager Input Validation Hole Permits Cross-Site Scripting and Cross-Site Request Forgery Attacks.

REFERENCE LINKS:

Symantec Security Advisories
Security Focus Bugtraq ID: 48231
SecurityTracker Alert ID: 1025919
CVE-2011-0551

IMPACT ASSESSMENT:

Medium

Discussion:

A remote user can create specially crafted Flash content that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

Impact:

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Symantec Endpoint Protection Manager software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

Solution:

The vendor has issued a fix (SEP 11 RU7), available from Symantec Support.
 
