Vigil@nce: Symantec Reporting Server, message injection

April 2009 by Vigil@nce

An attacker can force the login page of Symantec Reporting Server to display a malicious message.

- Severity: 1/4
- Consequences: data creation/edition
- Provenance: document
- Means of attack: no proof of concept, no attack
- Ability of attacker: expert (4/4)
- Confidence: confirmed by the editor (5/5)
- Diffusion of the vulnerable configuration: high (3/3)
- Creation date: 29/04/2009

IMPACTED PRODUCTS

- Symantec Antivirus

DESCRIPTION OF THE VULNERABILITY

The Symantec Reporting Server component is used by several Symantec products to generate reports.

The authentication page of Symantec Reporting Server displays a message to the user. However, the text of this message is taken directly from the URL.

An attacker can therefore supply their own message in the URL. When the victim clicks on this URL, the attacker's message is displayed on the Symantec Reporting Server site, which can deceive the victim. This vulnerability can, for example, be used for a phishing attack.
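The pattern described above, next to a hardened form, as an added example (not Symantec's code and not part of the original bulletin). The `msg` parameter name, the `reporting.example` host and the message codes are assumptions made for illustration.

```python
from html import escape
from urllib.parse import parse_qs, urlsplit

# Fixed catalogue: the URL may only select a message, never supply its text.
# Codes and wording are constructed for this example.
LOGIN_MESSAGES = {
    "expired": "Your session has expired. Please log in again.",
    "badcreds": "Invalid user name or password.",
    "loggedout": "You have been logged out.",
}

# Constructed sample URLs (hypothetical host and parameter name).
LEGIT = "https://reporting.example/login?msg=expired"
INJECTED = ("https://reporting.example/login"
            "?msg=Maintenance%3A+call+the+help+desk+at+555-0100")


def banner_vulnerable(url: str) -> str:
    """Pattern from the bulletin: the displayed text comes from the URL."""
    params = parse_qs(urlsplit(url).query)
    return params.get("msg", [""])[0]


def banner_hardened(url: str) -> str:
    """Treat the parameter as a lookup key; unknown values display nothing."""
    values = parse_qs(urlsplit(url).query).get("msg", [])
    if len(values) != 1:  # missing, blank or duplicated parameter
        return ""
    return escape(LOGIN_MESSAGES.get(values[0], ""))


def is_suspicious(url: str) -> bool:
    """Log-review helper: msg is present but is not one of the known codes."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return any(v not in LOGIN_MESSAGES for v in params.get("msg", []))


if __name__ == "__main__":
    for url in (LEGIT, INJECTED):
        print(repr(banner_vulnerable(url)), "->", repr(banner_hardened(url)),
              "| flag:", is_suspicious(url))
```

The same allow-list check can be run over web server access logs to find login-page requests that carry free text in the message parameter.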

CHARACTERISTICS

- Identifiers: BID-34668, CVE-2009-1432, SYM09-008, VIGILANCE-VUL-8681
- Url: http://vigilance.fr/vulnerability/Symantec-Reporting-Server-message-injection-8681
