Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61477
HistoryFeb 19, 2014 - 12:00 a.m.

Symantec Endpoint Protection Manager本地SQL注入漏洞(CVE-2013-5015)

2014-02-1900:00:00
Root
www.seebug.org
62

0.006 Low

EPSS

Percentile

75.4%

JSON

BUGTRAQ ID: 65467
CVE(CAN) ID: CVE-2013-5015

Symantec Endpoint Protection (SEP)是反病毒和防火墙产品。

Symantec Endpoint Protection Manager 11.0、Symantec Endpoint Protection Center Small Business Edition 12.0、Symantec Endpoint Protection Manager 12.1版本没有有效过滤数据库的本地请求,恶意本地用户可利用此漏洞注入任意SQL数据库查询。
0
Symantec Web Gateway < 5.2
厂商补丁:

Symantec

Symantec已经为此发布了一个安全公告(SYM14-004)以及相应补丁:
SYM14-004:Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Manager Vulnerabilities
链接:http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&amp;pvid=secu

Related

cve 1
prion 1
symantec 1
saint 4
seebug 3
packetstorm 3
securityvulns 3
exploitpack 2
nessus 1
zdt 2
openvas 1
exploitdb 2
cve
cve
CVE-2013-5015
2014-02-14 13:10:00
prion
prion
Sql injection
2014-02-14 13:10:00
symantec
symantec
Symantec Endpoint Protection Manager Vulnerabilities
2014-02-13 08:00:00
saint
saint
Symantec Endpoint Protection Manager XXE and SQL Injection Vulnerabilities
2014-02-24 00:00:00
Symantec Endpoint Protection Manager XXE and SQL Injection Vulnerabilities
2014-02-24 00:00:00
Symantec Endpoint Protection Manager XXE and SQL Injection Vulnerabilities
2014-02-24 00:00:00
seebug
seebug
Symantec Endpoint Protection Manager XML外部实体注入漏洞
2014-02-14 00:00:00
Symantec Endpoint Protection Manager - Remote Command Execution Exploit
2014-07-01 00:00:00
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-13 00:00:00
packetstorm
packetstorm
Symantec Endpoint Protection Manager Remote Command Execution
2014-02-26 00:00:00
Symantec Endpoint Protection Manager Remote Command Execution
2014-02-23 00:00:00
Symantec Endpoint Protection 12.1.4023.4080 XXE / XSS / Arbitrary File Write
2014-11-06 00:00:00
securityvulns
securityvulns
SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection
2014-04-07 00:00:00
Symantec Endpoint Protection security vulnerabilities
2014-04-07 00:00:00
SEC Consult SA-20141106-0 :: XXE &amp; XSS &amp; Arbitrary File Write vulnerabilities in Symantec Endpoint Protection
2014-11-10 00:00:00
exploitpack
exploitpack
Symantec Endpoint Protection Manager 11.012.012.1 - Remote Command Execution
2014-02-23 00:00:00
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-06 00:00:00
nessus
nessus
Symantec Endpoint Protection Manager < 11.0 RU7-MP4a / 12.1 RU4a Multiple Vulnerabilities (SYM14-004)
2014-02-17 00:00:00
zdt
zdt
Symantec Endpoint Protection Manager Remote Command Execution Exploit
2014-02-24 00:00:00
Symantec Endpoint Protection Manager Remote Command Execution
2014-02-26 00:00:00
openvas
openvas
Symantec Endpoint Protection Manager XXE and SQL Injection Vulnerabilities
2014-03-20 00:00:00
exploitdb
exploitdb
Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution
2014-02-23 00:00:00
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-06 00:00:00

0.006 Low

EPSS

Percentile

75.4%

JSON
Related for SSV:61477
cve1prion1symantec1saint4seebug3packetstorm3securityvulns3exploitpack2nessus1zdt2openvas1exploitdb2