CVE-2006-3072

Currently unrated

Key Information:

Vendor: Symantec
Status: Security Information Manager
Vendor: CVE Published:; 19 June 2006

Summary

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.

References

http://secunia.com/advisories/20647

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2006/2334

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/18420

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 19, 2006
Vulnerability Reserved
Jun 19, 2006