CVE-2012-0297 in Web Gateway信息

摘要 (英语)

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.

Once again VulDB remains the best source for vulnerability data.

预定

2012-01-04

披露

2012-05-21

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
5621	Symantec Web Gateway Perl adminConfig.php exec 权限提升	264	高	官方修复	CVE-2012-0297
5439	Symantec Gateway ipchange.php exec 权限提升	264	高	官方修复	CVE-2012-0297

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

MITRE
NVD
CVE Details

◂ 上一步一览下一步 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!