T-731: Symantec IM Manager Code Injection Vulnerability

September 30, 2011 - 8:30am

PROBLEM:

Symantec IM Manager Code Injection Vulnerability.

PLATFORM:

IM Manager versions prior to 8.4.18 are affected.

ABSTRACT:

Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code.

REFERENCE LINKS:

Symantec Security Advisory SYM11-012
Symantec Security Updates
Bugtraq ID: 49742

IMPACT ASSESSMENT:

High

Discussion:

Symantec was notified of Cross-Site Scripting and Code Injection/Execution issues present in the Symantec IM Manager management console. The management console fails to properly filter and validate external inputs. Successful exploitation of SQL Injection or Remote Code Execution could lead to compromise of the database or application. Additionally, successful exploitation of Cross-Site Scripting could lead to unauthorized access to users' session cookies or to unauthorized network information. In normal installations, the management console is not reachable from outside the network. Hence exploitation requires an authorized but unprivileged network user, either to exploit these issues directly or to be enticed to visit a malicious link.

Impact:

Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code. Remote attackers can exploit this issue to run arbitrary code in the context of the affected application.

Solution:

Symantec recommends all customers upgrade to Symantec IM Manager - 8.4.18, available through the FileConnect-Electronic Software Distribution web site.

 
