CVE-2010-3719

EUVD-2010-3698
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
symantecim_manager
𝑥
≤ 8.4.16
symantecim_manager
6.0
symantecim_manager
6.5
symantecim_manager
7.0
symantecim_manager
7.5
symantecim_manager
8.3
symantecim_manager
8.4.0
symantecim_manager
8.4.1
symantecim_manager
8.4.2
symantecim_manager
8.4.5
symantecim_manager
8.4.6
symantecim_manager
8.4.7
symantecim_manager
8.4.8
symantecim_manager
8.4.9
symantecim_manager
8.4.10
symantecim_manager
8.4.11
symantecim_manager
8.4.12
symantecim_manager
8.4.13
symantecim_manager
8.4.15
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/70755
http://secunia.com/advisories/43143
http://www.securityfocus.com/archive/1/516103/100/0/threaded
http://www.securityfocus.com/bid/45946
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00
http://www.vupen.com/english/advisories/2011/0259
http://www.zerodayinitiative.com/advisories/ZDI-11-037
https://exchange.xforce.ibmcloud.com/vulnerabilities/65040
http://osvdb.org/70755
http://secunia.com/advisories/43143
http://www.securityfocus.com/archive/1/516103/100/0/threaded
http://www.securityfocus.com/bid/45946
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00
http://www.vupen.com/english/advisories/2011/0259
http://www.zerodayinitiative.com/advisories/ZDI-11-037
https://exchange.xforce.ibmcloud.com/vulnerabilities/65040