Source: SAINT Corporation
ID: SAINT:CA79171627977B6EB496110895555ECA
Published: Jun 11, 2012 - 12:00 a.m.

Symantec Web Gateway access_log PHP Injection

2012-06-11 00:00:00
SAINT Corporation
download.saintcorporation.com
CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 0.974 High
EPSS Percentile: 99.9%

Added: 06/11/2012
CVE: CVE-2012-0297
BID: 53444
OSVDB: 82023

Background

Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web.

Problem

Symantec Web Gateway fails to properly sanitize user-supplied input passed to “/spywall/releasenotes.php” via the “relfile” parameter. This can be exploited to execute arbitrary PHP code.

Resolution

Upgrade Symantec Web Gateway to version 5.0.3 or higher.
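
A log check to run alongside the upgrade, added here as an example and not SAINT's or Symantec's code: it flags access-log requests to the script and parameter named above whose "relfile" value is anything other than a bare file name. The Apache-style log format, the bare-file-name rule, and the sample lines are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs, unquote

# Assumption: Apache common/combined log format (client IP first, request line quoted).
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
VULN_PATH = "/spywall/releasenotes.php"  # script named in the advisory
PARAM = "relfile"                        # parameter named in the advisory
# Assumption: a legitimate value is a bare file name; anything else is flagged.
SAFE_VALUE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")

def classify(value):
    """Return why a relfile value is suspicious, or None for a bare file name."""
    if "\x00" in value:
        return "NUL byte"
    if ".." in value:
        return "parent-directory reference"
    if "/" in value or "\\" in value:
        return "path separator"
    if not SAFE_VALUE.match(value):
        return "unexpected characters"
    return None

def scan(lines):
    """Return (client_ip, decoded_value, reason) for each suspicious request."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        # Decode and collapse repeated slashes so trivial variations still match.
        if re.sub(r"/+", "/", unquote(path)) != VULN_PATH:
            continue
        # parse_qs percent-decodes values; request bodies are not in the access log.
        for value in parse_qs(query, keep_blank_values=True).get(PARAM, []):
            reason = classify(value)
            if reason:
                hits.append((m.group("ip"), value, reason))
    return hits

# Constructed sample lines (documentation addresses, placeholder paths).
SAMPLE = [
    '192.0.2.10 - - [11/Jun/2012:10:00:01 +0000] "GET /spywall/releasenotes.php?relfile=notes_5.0.2.txt HTTP/1.1" 200 512',
    '192.0.2.77 - - [11/Jun/2012:10:00:05 +0000] "GET /spywall/releasenotes.php?relfile=..%2F..%2Fexample%2Fplaceholder HTTP/1.1" 200 90',
    '192.0.2.77 - - [11/Jun/2012:10:00:09 +0000] "GET /spywall//releasenotes.php?relfile=/example/placeholder HTTP/1.1" 200 90',
    '192.0.2.10 - - [11/Jun/2012:10:00:12 +0000] "GET /spywall/login.php HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

Only values carried in the query string are visible to this check, so it complements the upgrade rather than replacing it.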

References

http://secunia.com/advisories/49216
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120517_00

Limitations

This exploit has been tested against Symantec Web Gateway 5.0.0.216 and 5.0.2.8.

Platforms

Linux