Description
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to execute arbitrary shell commands via crafted input to application scripts, related to an "injection" issue.
References (3)
Core 3
Core References
Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/108471
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120720_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/54427
Scores
EPSS
0.0438
EPSS Percentile
89.1%
Details
CWE
CWE-78
Status
published
Products (4)
symantec/web_gateway
5.0
symantec/web_gateway
5.0.1
symantec/web_gateway
5.0.2
symantec/web_gateway
5.0.3
Published
Jul 23, 2012
Tracked Since
Feb 18, 2026