Remote Code Execution Vulnerability in Symantec Web Gateway Management Console
CVE-2012-2976

Currently unrated

Key Information:

Vendor: Symantec
Status: Web Gateway
Vendor: CVE Published:; 23 July 2012

Summary

The management console of Symantec Web Gateway versions prior to 5.0.3.18 is susceptible to a vulnerability that allows remote attackers to execute arbitrary shell commands through specially crafted input. This issue stems from insufficient validation of user inputs, creating an environment where malicious commands can be injected and executed, posing significant risks to the affected systems.

References

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/108471

third-party-advisoryx_refsource_CERT-VN

http://www.securityfocus.com/bid/54427

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jul 23, 2012
Vulnerability Reserved
May 30, 2012