CVE-2010-3719
Symantec IM Manager < 8.4.16 - Remote Code Execution via IMAdminSchedTask.asp ScheduleTask Method
Title source: llmDescription
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.
References (8)
Core 8
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-037
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/516103/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45946
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65040
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43143
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0259
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/70755
Scores
EPSS
0.0729
EPSS Percentile
91.8%
Details
CWE
CWE-94
Status
published
Products (19)
symantec/im_manager
6.0
symantec/im_manager
6.5
symantec/im_manager
7.0
symantec/im_manager
7.5
symantec/im_manager
8.3
symantec/im_manager
8.4.0
symantec/im_manager
8.4.1
symantec/im_manager
8.4.2
symantec/im_manager
8.4.5
symantec/im_manager
8.4.6
... and 9 more
Published
Feb 02, 2011
Tracked Since
Feb 18, 2026