18 matches found
EUVD-2012-0336
Malware in sbrugna...
EUVD-2012-0338
Malware in sbrugna...
EUVD-2012-0337
Malware in sbrugna...
CVE-2012-0302
Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0300
Brightmail Control Center in Symantec Message Filter 6.3 does not properly restrict establishment of sessions to the listening port, which allows remote attackers to obtain potentially sensitive version information via unspecified vectors...
CVE-2012-0301
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2012-0302
Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0301
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Session fixation
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that 1 execute application commands or 2 create admin accounts...
CVE-2012-0302
Cross-site scripting XSS vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-0301
Session fixation vulnerability in Brightmail Control Center in Symantec Message Filter 6.3 allows remote attackers to hijack web sessions via unspecified vectors...
CVE-2012-0303
The CVE-2012-0303 entry applies to Symantec Message Filter’s Brightmail Control Center (web management interface) and describes multiple CSRF vulnerabilities in version 6.3 that allow remote attackers to hijack user authentication for actions such as executing commands or creating an admin accoun...
CVE-2012-0302
CVE-2012-0302 concerns an XSS vulnerability in Brightmail Control Center (the web management interface for Symantec Message Filter) version 6.3. The issue arises from insufficient input validation in the Brightmail Control Center, allowing remote attackers to inject arbitrary web script or HTML v...
CVE-2012-0301
Symantec Message Filter’s Brightmail Control Center (web interface) 6.3 is tied to CVE-2012-0301, a session-fixation vulnerability that can allow an attacker to hijack a legitimate user session via unspecified vectors. The linked open-source advisories and vendor notes confirm that this issue aff...
Symantec Message Filter Multiple Vulnerabilities (SYM12-010)
The version of Brightmail Control Center the web management interface for Symantec Message Filter hosted on the remote web server has the following vulnerabilities : - Multiple information disclosure vulnerabilities. CVE-2012-0300 - Session fixation. CVE-2012-0301 - Unspecified cross-site...
Symantec Message Filter Management Interface Default Credentials
Brightmail Control Center BCC is the administrative web interface for Symantec Message Filter. It is possible to log into the remote BCC by providing the default credentials. A remote attacker could exploit this to gain administrative control of the application. %NASLMINLEVEL 70300 C Tenable...