CVE-2012-0293

EUVD-2012-0329
Multiple SQL injection vulnerabilities in Symantec Altiris WISE Package Studio before 8.0MR1 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
symantecaltiris_wise_package_studio
𝑥
≤ 8.0
symantecaltiris_wise_package_studio
7.0
symantecaltiris_wise_package_studio
7.0:sp1
symantecaltiris_wise_package_studio
7.0:sp1
symantecaltiris_wise_package_studio
7.0:sp3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/80201
http://www.securityfocus.com/bid/52392
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120314_00
http://osvdb.org/80201
http://www.securityfocus.com/bid/52392
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120314_00