CVE-2006-3072

First published: Mon Jun 19 2006(Updated: )

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Symantec Security Information Manager	=4.0.2.25
Symantec Security Information Manager	=4.0.2.14
Symantec Security Information Manager	=4.0.2.1
Symantec Security Information Manager	=4.0.2.11
Symantec Security Information Manager	=4.0.2.28
Symantec Security Information Manager	=4.0.2.24
Symantec Security Information Manager	=4.0.2.2
Symantec Security Information Manager	=4.0.2.22
Symantec Security Information Manager	=4.0.2.19
Symantec Security Information Manager	=4.0.2.27
Symantec Security Information Manager	=4.0.2.5
Symantec Security Information Manager	=4.0.2.17
Symantec Security Information Manager	=4.0.2.21
Symantec Security Information Manager	=4.0.2.8
Symantec Security Information Manager	=4.0.2.15
Symantec Security Information Manager	=4.0.2.12
Symantec Security Information Manager	=4.0.2.7
Symantec Security Information Manager	=4.0.2.23
Symantec Security Information Manager	=4.0.2.13
Symantec Security Information Manager	=4.0.2.6
Symantec Security Information Manager	=4.0.2.3
Symantec Security Information Manager	=4.0.2.18
Symantec Security Information Manager	=4.0.2.16
Symantec Security Information Manager	=4.0.2.4
Symantec Security Information Manager	=4.0.2.10
Symantec Security Information Manager	=4.0.2
Symantec Security Information Manager	=4.0.2.29
Symantec Security Information Manager	=4.0.2.9
Symantec Security Information Manager	=4.0.2.26
Symantec Security Information Manager	=4.0.2.20

Remedy

http://secunia.com/advisories/20647

Remedy

http://securitytracker.com/id?1016296

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
vendor/symantec
product/security information manager
canonical/symantec security information manager
collector/nvd-index
agent/severity
agent/weakness
agent/author
agent/event
agent/type
agent/references
agent/description
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
version/symantec security information manager/4.0.2.25
version/symantec security information manager/4.0.2.14
version/symantec security information manager/4.0.2.1
version/symantec security information manager/4.0.2.11
version/symantec security information manager/4.0.2.28
version/symantec security information manager/4.0.2.24
version/symantec security information manager/4.0.2.2
version/symantec security information manager/4.0.2.22
version/symantec security information manager/4.0.2.19
version/symantec security information manager/4.0.2.27
version/symantec security information manager/4.0.2.5
version/symantec security information manager/4.0.2.17
version/symantec security information manager/4.0.2.21
version/symantec security information manager/4.0.2.8
version/symantec security information manager/4.0.2.15
version/symantec security information manager/4.0.2.12
version/symantec security information manager/4.0.2.7
version/symantec security information manager/4.0.2.23
version/symantec security information manager/4.0.2.13
version/symantec security information manager/4.0.2.6
version/symantec security information manager/4.0.2.3
version/symantec security information manager/4.0.2.18
version/symantec security information manager/4.0.2.16
version/symantec security information manager/4.0.2.4
version/symantec security information manager/4.0.2.10
version/symantec security information manager/4.0.2
version/symantec security information manager/4.0.2.29
version/symantec security information manager/4.0.2.9
version/symantec security information manager/4.0.2.26
version/symantec security information manager/4.0.2.20

CVE-2006-3072

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact