11 matches found
EUVD-2013-4527
Malware in sbrugna...
EUVD-2014-1717
Malware in sbrugna...
Symantec Encryption Management Server < 3.3.2 Information Disclosure
The version of Symantec Encryption Management Server listening on the remote host is earlier than version 3.3.2. It is, therefore, affected by an information disclosure vulnerability due to a flaw in the Web Email Protection component. A remote, authenticated attacker could potentially exploit th...
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server aka PGP Universal Server before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL...
Code injection
The Web Email Protection component in Symantec Encryption Management Server aka PGP Universal Server before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL...
CVE-2014-1643
The Web Email Protection component in Symantec Encryption Management Server aka PGP Universal Server before 3.3.2 allows remote authenticated users to read the stored outbound e-mail messages of arbitrary users via a modified URL...
Symantec Encryption Management Server Web Email Protection View User’s Email
SUMMARY Symantec Encryption Management Server was susceptible to an authorized/authenticated web console user being able to view any other users stored outbound emails. The issue is in the Web Email Protection component not sufficiently restricting authorized user content access. This could allow...
CVE-2013-4674
Cross-site scripting XSS vulnerability in the Web Email Protection component in Symantec Encryption Management Server formerly Symantec PGP Universal Server before 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-mail attachment...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Email Protection component in Symantec Encryption Management Server formerly Symantec PGP Universal Server before 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-mail attachment...
CVE-2013-4674
Cross-site scripting XSS vulnerability in the Web Email Protection component in Symantec Encryption Management Server formerly Symantec PGP Universal Server before 3.3.0 MP2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted encrypted e-mail attachment...
Symantec Encryption Management Server Web Email Protection XSS
SUMMARY Symantec's Encryption Management Server, previously PGP Universal Server, is susceptible to a cross-site scripting XSS issue, in the web management interface of the server. The XSS issue is in the Web Email Protection component. This issue could allow an authenticated Web Email Protection...