Symantec IM Manager Web Interface ProcessAction Code Execution (CVE-2011-0554)

A remote code execution vulnerability has been reported in Symantec IM Manager Web Interface...

Symantec IM Manager Web Interface ProcessAction Code Execution (CVE-2011-0554)

A remote code execution vulnerability has been reported in Symantec IM Manager Web Interface. The vulnerability is due to insufficient validation of certain HTTP request parameters. An attacker may exploit this vulnerability by sending HTTP requests with a crafted URI string to an affected server...

Symantec IM Manager Administrator Console Code Injection (CVE-2011-0554)

Symantec IM Manager is a software-based proxy to secure, manage, and log IM messages for enterprise and public IM protocols. It provides real-time threat protection against IM viruses, worms, and other types of attacks delivered through IM messages. Symantec IM Manager allows the definition of...

Symantec IM Manager < 8.4.18 Multiple Vulnerabilities (SYM11-012)

The version of Symantec IM Manager running on the remote host is earlier than 8.4.18. Such versions are affected by the following vulnerabilities in the management console : - Multiple XSS. CVE-2011-0552 - An unspecified SQL injection. CVE-2011-0553 - An unspecified code injection. CVE-2011-0554 ...

CVE-2011-0554

Symantec IM Manager (web console) is affected by CVE-2011-0554. The vulnerability exists in the management console/web interface and stems from improper validation of HTTP parameters (rdProcess), allowing remote attackers to execute arbitrary code. Exploitation can occur via crafted requests sent...