Symantec Web Gateway protects organizations against multiple types of Web-based malware and prevents data loss over the Web.
Symantec Web Gateway fails to properly sanitize user-supplied input passed to "/spywall/releasenotes.php" via the "relfile" parameter. This can be exploited to execute arbitrary PHP code.
Upgrade Symantec Web Gateway to version 5.0.3 or higher.
This exploit has been tested against Symantec Web Gateway 126.96.36.199 and 188.8.131.52