CVE-2012-0293

Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
symantecaltiris_wise_package_studio
𝑥
≤ 8.0
symantecaltiris_wise_package_studio
7.0
symantecaltiris_wise_package_studio
7.0:sp1
symantecaltiris_wise_package_studio
7.0:sp1
symantecaltiris_wise_package_studio
7.0:sp3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/80201
http://www.securityfocus.com/bid/52392
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120314_00
http://osvdb.org/80201
http://www.securityfocus.com/bid/52392
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120314_00