Lucene search

[email protected]CVE-2012-0293

HistoryMar 17, 2012 - 10:55 a.m.

CVE-2012-0293

2012-03-1710:55:00

CWE-89

[email protected]

web.nvd.nist.gov

cve-2012-0293

symantec altiris

wise package studio

sql injection

vulnerability

nvd

9.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.1%

JSON

Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
symantec:altiris_wise_package_studiosymantec altiris wise package studioeq7.0
symantec:altiris_wise_package_studiosymantec altiris wise package studiole8.0
symantec:altiris_wise_package_studiosymantec altiris wise package studioeq7

CPE	Name	Operator	Version
symantec:altiris_wise_package_studio	symantec altiris wise package studio	eq	7.0
symantec:altiris_wise_package_studio	symantec altiris wise package studio	le	8.0
symantec:altiris_wise_package_studio	symantec altiris wise package studio	eq	7

References

osvdb.org/80201

www.securityfocus.com/bid/52392

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120314_00

9.5 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.1%

JSON

Related for CVE-2012-0293

cvelist1 prion1