15 matches found
EUVD-2013-1646
Malware in sbrugna...
CVE-2013-1611
Multiple cross-site scripting XSS vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1611
Multiple cross-site scripting XSS vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1611
Multiple cross-site scripting XSS vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-1611
CVE-2013-1611: Stored XSS vulnerabilities in Symantec Brightmail Gateway 9.5.x (later rebranded to Symantec Messaging Gateway) management console. Root cause: insufficient input validation in administrative-interface pages, enabling remote authenticated users to inject scripts via unspecified vec...
Symantec Messaging Gateway Detection
Symantec Messaging Gateway formerly known as Symantec Brightmail Gateway was detected on the remote host. This application provides inbound and outbound messaging security. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid62009; scriptversion"1.11";...
Symantec generic PDF detection bypass
No description provided by source. Symantec multiple products - Generic PDF bypass Cheap plug : Speaking of PDF - If you are interested in client-side vulnerabilities visit HACK.LU starting tomorrow 28-30 Oct with : Workshop: Bypassing the Perimeter: Client Side Exploitation - Nitesh Dhanjani,...
Symantec Brightmail Gateway控制中心跨站脚本和权限提升漏洞
BUGTRAQ ID: 34641,34639 CVECAN ID: CVE-2009-0063,CVE-2009-0064 Brightmail Gateway是赛门铁克的信息安全管理平台。 Brightmail Gateway设备的WEB管理控制台Brightmail安全中心没有正确地过滤外部客户端输入,远程攻击者可以通过提交恶意请求执行跨站脚本攻击;此外某些控制台函数还可能允许非特权的控制中心用户获得提升的权限。 Symantec Brightmail Gateway 8.0 Symantec Brightmail Gateway 5.0 Symantec --------...
CVE-2009-0063
Cross-site scripting XSS vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Design/Logic Flaw
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving 1 administrative scripts or ...
Cross site scripting
Cross-site scripting XSS vulnerability in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-0064
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving 1 administrative scripts or ...
CVE-2009-0064
Symantec Brightmail Gateway and related appliances are affected by CVE-2009-0064, which involves cross-site scripting and elevation of privilege in the Control Center. The issue stems from improper filtering of external input in the web management console, allowing remote authenticated users to p...
CVE-2009-0064
Multiple unspecified vulnerabilities in the Control Center in Symantec Brightmail Gateway Appliance before 8.0.1 allow remote authenticated users to gain privileges, and possibly obtain sensitive information or hijack sessions of arbitrary users, via vectors involving 1 administrative scripts or ...