CVE-2006-3072

2006-06-1910:00:00

mitre

www.cve.org

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.6%

JSON

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted “rule definitions”, which produces dangerous Java code during M4 transformation.

References

secunia.com/advisories/20647

securityresponse.symantec.com/avcenter/security/Content/2006.06.13b.html

securitytracker.com/id?1016296

www.securityfocus.com/bid/18420

www.vupen.com/english/advisories/2006/2334

exchange.xforce.ibmcloud.com/vulnerabilities/27105