Vulnerability CVE-2009-1432


Published: 2009-04-30   Modified: 2012-02-13

Description:
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.

Vendor: Symantec
Product: Antivirus 
Version:
9.0
10.2
10.1
10.0.9
10.0.8
10.0.7
10.0.6
10.0.5
10.0.4
10.0.3
10.0.2.2
10.0.2.1
10.0.2
10.0.1.1
10.0.1
10.0
Product: Client security 
Version:
3.1
3.0.2.2021
3.0.2.2020
3.0.2.2011
3.0.2.2010
3.0.2.2002
3.0.2.2001
3.0.2.2000
3.0.2
3.0.1.1009
3.0.1.1008
3.0.1.1007
3.0.1.1001
3.0.1.1000
3.0.0.359
3.0
2.0
Product: Endpoint protection 
Version: 11.0;
Product: Antivirus central quarantine server 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://xforce.iss.net/xforce/xfdb/50172
http://www.vupen.com/english/advisories/2009/1204
http://www.vupen.com/english/advisories/2009/1202
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00
http://www.securityfocus.com/bid/34668
http://securitytracker.com/id?1022138
http://securitytracker.com/id?1022137
http://securitytracker.com/id?1022136
http://secunia.com/advisories/34935
http://secunia.com/advisories/34856

Related CVE
CVE-2018-18367
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution ...
CVE-2018-18366
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptibl...
CVE-2018-12244
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input in...
CVE-2018-18369
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when ...
CVE-2019-9694
Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptible to a Privilege Escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that...
CVE-2019-9696
Symantec VIP Enterprise Gateway (all versions) may be susceptible to a cross-site scripting (XSS) exploit, which is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting v...
CVE-2018-18364
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of...
CVE-2018-12245
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note ...

Copyright 2019, cxsecurity.com

 

Back to Top