CVE-2010-3719

Currently unrated

Key Information:

Vendor: Symantec
Status: Im Manager
Vendor: CVE Published:; 2 February 2011

Summary

Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.

References

http://www.zerodayinitiative.com/advisories/ZDI-11-037

x_refsource_MISC

http://www.securityfocus.com/archive/1/516103/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/45946

vdb-entryx_refsource_BID

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 2, 2011
Vulnerability Reserved
Oct 1, 2010