CVE-2010-3719

Description

Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65040

http://www.zerodayinitiative.com/advisories/ZDI-11-037

http://www.vupen.com/english/advisories/2011/0259

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00

http://www.securityfocus.com/bid/45946

http://www.securityfocus.com/archive/1/516103/100/0/threaded

http://secunia.com/advisories/43143

http://osvdb.org/70755

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3