2 matches found
ZDI-11-037: Symantec IM Manager Administrative Interface IMAdminSchedTask.asp Eval Code Injection Remote Code Execution Vulnerability
ZDI-11-037: Symantec IM Manager Administrative Interface IMAdminSchedTask.asp Eval Code Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-037 January 31, 2011 -- CVE ID: CVE-2010-3719 -- CVSS: 8.5, AV:N/AC:M/Au:S/C:C/I:C/A:C -- Affected Vendors:...
CVE-2010-3719
Summary: CVE-2010-3719 affects Symantec IM Manager. The vulnerability resides in the admin interface’s ScheduleTask function (IMAdminSchedTask.asp) and involves improper sanitization of POST input passed to an eval() call. Affected product is Symantec IM Manager up to version 8.4.16; exploitation...