CVE-2004-0192

Currently unrated

Key Information:

Vendor
Symantec
Status
Gateway Security 5400
Vendor
CVE Published:
15 March 2004

Summary

Cross-site scripting (XSS) vulnerability in the Management Service for Symantec Gateway Security 2.0 allows remote attackers to steal cookies and hijack a management session via a /sgmi URL that contains malicious script, which is not quoted in the resulting error page.

References

http://www.securityfocus.com/bid/9755
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/15330
vdb-entryx_refsource_XF
http://marc.info/?l=bugtraq&m=107790684732458&w=2
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.