Vulnerability CVE-2009-0064


Published: 2009-04-24   Modified: 2012-02-13

Description:
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving (1) administrative scripts or (2) console functions.

CVSS2 => (AV:N/AC:L/Au:S/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9/10
10/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Symantec -> Brightmail gateway appliance 

 References:
http://www.vupen.com/english/advisories/2009/1155
http://securitytracker.com/id?1022117
http://xforce.iss.net/xforce/xfdb/50075
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090423_01
http://www.securityfocus.com/bid/34639
http://secunia.com/advisories/34885
http://osvdb.org/53945

Copyright 2024, cxsecurity.com

 

Back to Top