Signature Detail
Short Name |
APP:SYMC:IM-MGR-INJ |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Symantec IM Manager Administrator Console Code Injection |
Release Date |
2011/10/18 |
Update Number |
2012 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Symantec IM Manager Administrator Console Code Injection
This signature detects attempts to exploit a known vulnerability against Symantec IM Manager. A successful attack can lead to invalid memory access and arbitrary Code Injection.
Extended Description
Symantec IM Manager is prone to a vulnerability that will let attackers run arbitrary code. Remote attackers can exploit this issue to run arbitrary code in the context of the affected application. IM Manager versions prior to 8.4.18 are affected.
Affected Products
- Symantec IM Manager 8.4
- Symantec IM Manager 8.4.0
- Symantec IM Manager 8.4.1
- Symantec IM Manager 8.4.10
- Symantec IM Manager 8.4.11
- Symantec IM Manager 8.4.12
- Symantec IM Manager 8.4.13
- Symantec IM Manager 8.4.15
- Symantec IM Manager 8.4.15
- Symantec IM Manager 8.4.16
- Symantec IM Manager 8.4.17
- Symantec IM Manager 8.4.2
- Symantec IM Manager 8.4.5
- Symantec IM Manager 8.4.5
- Symantec IM Manager 8.4.6
- Symantec IM Manager 8.4.7
- Symantec IM Manager 8.4.8
- Symantec IM Manager 8.4.9
References
- BugTraq: 49742
- CVE: CVE-2011-0554