Vulnerabilities > CVE-2006-3072 - Unspecified vulnerability in Symantec Security Information Manager
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.
Vulnerable Configurations
References
- http://secunia.com/advisories/20647
- http://secunia.com/advisories/20647
- http://securityresponse.symantec.com/avcenter/security/Content/2006.06.13b.html
- http://securityresponse.symantec.com/avcenter/security/Content/2006.06.13b.html
- http://securitytracker.com/id?1016296
- http://securitytracker.com/id?1016296
- http://www.securityfocus.com/bid/18420
- http://www.securityfocus.com/bid/18420
- http://www.vupen.com/english/advisories/2006/2334
- http://www.vupen.com/english/advisories/2006/2334
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27105
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27105