24 matches found
EUVD-2016-7506
Malware in sbrugna...
EUVD-2016-7507
Malware in sbrugna...
EUVD-2015-5802
Malware in sbrugna...
CVE-2016-6588
A Cross-Site Scripting XSS vulnerability exists in the ITMS workflow process manager console in Symantec IT Management Suite 8.0...
Denial of service
A Denial of Service vulnerability exists in the ITMS workflow process manager login window in Symantec IT Management Suite 8.0...
CVE-2016-6589
CVE-2016-6589 is a Denial of Service vulnerability in the Symantec IT Management Suite 8.0, specifically in the ITMS workflow process manager console login window. Public entries describe that an authorized network user could input excessive data into the login/process console, leading to reduced...
Server side request forgery (ssrf)
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6, and ITMS 7.6POSTHF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service,...
CVE-2017-6323
CVE-2017-6323 affects Symantec Management Console versions prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6 and ITMS 7.6_POST_HF7. Root cause is processing XML input with a reference to an external entity by a weakly configured XML parser (XXE). Potential impact includes disclosure of confidential data, ...
Symantec Management Console Directory Traversal Vulnerability
Symantec Management Console is a set of management console programs from Symantec Corporation USA. The program is used to manage the web-based user interface for Symantec Management Platform and other Symantec solutions. A directory traversal vulnerability exists in Symantec Management Console IT...
CVE-2017-15527
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...
CVE-2017-15527
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to pare...
CVE-2017-15527
The CVE-2017-15527 entry concerns the Symantec Management Console. Affected product: Symantec Management Console (ITMS) prior to 8.1 RU4. Vulnerable component/behavior: directory traversal due to insufficient input validation/sanitization of user-supplied file names, allowing traversal sequences ...
Symantec Management Console Multiple XSS and XXE Vulnerabilities (SYM17-005)
The version of Symantec Manager Console running on the remote host is earlier then ITM 8.1 RU1, ITMS 8.0POSTHF6 or ITMS 7.6POSTHF7 and is therefore affected by multiple cross-site scripting XSS and XML External Entity XXE processing vulnerabilities. C Tenable Network Security, Inc...
Symantec Management Console XSS/XXE Issues
SUMMARY Symantec has released an update to address two issues that were discovered in the Symantec Management Console. AFFECTED PRODUCTS Symantec Management Console --- CVE | Affected Versions | Remediation CVE-2017-6322 CVE-2017-6323 | Prior to ITMS 8.1 RU1, ITMS 8.0POSTHF6 & ITMS 7.6POSTHF7 |...
Symantec IT Management Suite Multiple Issues
SUMMARY Symantec has released updates to address two security issues: a cross-site scripting XSS issue and a denial of service DoS issue reported in the Symantec IT Management Suite ITMS workflow process manager console. AFFECTED PRODUCTS Symantec IT Manage Suite Workflow Process Manager Console...
CVE-2016-2202
The CVE-2016-2202 issue affects Symantec ITMS (Inventory Solution component in the Management Agent on the client). The vulnerability allows a local user to bypass the inventory’s application-denial/blacklist functionality, effectively bypassing policy to run unauthorized applications. The root c...
Symantec ITMS Inventory Solution Application Denial Functionality Bypass
SUMMARY The Inventory Solution component of Symantecs IT Management Agent, the client portion of Symantec IT Management Suite ITMS powered by Altiris, can be configured to deny one or more applications from running on a windows managed client as part of IT management functions. A determined user...
CVE-2015-5856
The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL...
Code injection
The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL...
CVE-2015-5856
CVE-2015-5856 affects Apple iOS, specifically the Application Store component, where a crafted ITMS URL could cause a denial of service to enterprise-signed apps. The root cause is an installation-verification issue in the ITMS/enterprise signing flow. Impact is denial of service to enterprise-si...