The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Symantec Web Gateway

computer vulnerability announce 22107

Symantec Web Gateway: Cross Site Scripting via Management Console

Synthesis of the vulnerability

An attacker can trigger a Cross Site Scripting via Management Console of Symantec Web Gateway, in order to run JavaScript code in the context of the web site.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: client access/rights.
Provenance: document.
Creation date: 14/03/2017.
Identifiers: CVE-2016-9096-REJECTERROR, SYM17-003, VIGILANCE-VUL-22107.

Description of the vulnerability

The Symantec Web Gateway product offers a web service.

However, it does not filter data received via the Management Console before inserting it into generated HTML documents.

An attacker can therefore trigger a Cross Site Scripting via Management Console of Symantec Web Gateway, in order to run JavaScript code in the context of the web site.

vulnerability alert CVE-2016-5313

Symantec Web Gateway: privilege escalation via Management Console

Synthesis of the vulnerability

An attacker can use the Management Console of Symantec Web Gateway, in order to escalate his privileges.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user account.
Creation date: 06/10/2016.
Identifiers: CVE-2016-5313, KIS-2016-12, SYM16-017, VIGILANCE-VUL-20791.

Description of the vulnerability

The Symantec Web Gateway product has a management console.

However, an attacker can inject a command in new_whitelist.php, to add an entry in the whitelist.

An attacker can therefore use the Management Console of Symantec Web Gateway, in order to escalate his privileges.

vulnerability note CVE-2016-5309 CVE-2016-5310

Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security: two vulnerabilities via RAR archives

Synthesis of the vulnerability

An attacker can use several vulnerabilities via the RAR archives analyser of Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security.
Impacted products: SEP, Symantec Mail Security, Symantec Web Gateway, SWS.
Severity: 3/4.
Consequences: privileged access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 20/09/2016.
Revision date: 21/09/2016.
Identifiers: CVE-2016-5309, CVE-2016-5310, VIGILANCE-VUL-20654.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection, Mail Security, Web Gateway, Web Security.

An attacker can generate a memory corruption in the RAR analyser, in order to trigger a denial of service, and possibly to run code. [severity:3/4; CVE-2016-5310]

An attacker can generate a read-only buffer overflow in the RAR archive analyser, in order to trigger a denial of service. [severity:2/4; CVE-2016-5309]

computer vulnerability announce CVE-2016-2207 CVE-2016-2209 CVE-2016-2210

Symantec: seven vulnerabilities of the "Decomposer" module

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec products.
Impacted products: Norton Antivirus, Norton Internet Security, Norton Security, SEP, Symantec Mail Security, Symantec Web Gateway, SWS.
Severity: 4/4.
Consequences: administrator access/rights, privileged access/rights, denial of service on service.
Provenance: document.
Number of vulnerabilities in this bulletin: 7.
Creation date: 29/06/2016.
Revision date: 29/06/2016.
Identifiers: 810, 814, 816, 818, 819, 821, 823, CERTFR-2016-AVI-222, CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646, VIGILANCE-VUL-19997.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection.

An attacker can generate a buffer overflow via a substream of MS-Office file, in order to trigger a denial of service, and possibly to run code. [severity:4/4; 823, CVE-2016-2209]

An attacker can force a read at an invalid address via ALPkOldFormatDecompressor::UnShrink, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; 821, CVE-2016-3646]

An attacker can generate an integer overflow via Attachment::setDataFromAttachment, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 819, CVE-2016-3645]

An attacker can generate a buffer overflow via CMIMEParser::UpdateHeader, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 818, CVE-2016-3644]

An attacker can generate a memory corruption via a MSPACK archive, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 816, CVE-2016-2211]

An attacker can generate a buffer overflow via CSymLHA::get_header, in order to trigger a denial of service, and possibly to run code. [severity:4/4; 814, CVE-2016-2210]

An attacker can generate a memory corruption via a RAR archive, in order to trigger a denial of service, and possibly to run code. [severity:3/4; 810, CVE-2016-2207]

vulnerability announce CVE-2015-5690 CVE-2015-5691 CVE-2015-5692

Symantec Web Gateway: six vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Web Gateway.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, data reading, data creation/edition, data deletion.
Provenance: user account.
Number of vulnerabilities in this bulletin: 6.
Creation date: 17/09/2015.
Identifiers: CVE-2015-5690, CVE-2015-5691, CVE-2015-5692, CVE-2015-5693, CVE-2015-6547, CVE-2015-6548, SYM15-009, VIGILANCE-VUL-17922, ZDI-15-443, ZDI-15-444.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Web Gateway.

An attacker can use a redirection, in order to execute commands. [severity:2/4; CVE-2015-5690, ZDI-15-444]

An attacker can trigger a Cross Site Scripting, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2015-5691, ZDI-15-443]

An attacker can upload a malicious file, in order, for example, to upload a Trojan. [severity:2/4; CVE-2015-5692, ZDI-15-443]

An attacker can inject code in Traffic Capture EoP, in order to run code. [severity:2/4; CVE-2015-5693, ZDI-15-444]

An attacker can inject commands in /etc/sysconfig/network, in order to run code. [severity:2/4; CVE-2015-6547]

An attacker can use a SQL injection in edit_alert.php, in order to read or alter data. [severity:2/4; CVE-2015-6548]

computer vulnerability note CVE-2014-7285

Symantec Web Gateway: code execution via Management Console

Synthesis of the vulnerability

An authenticated attacker can inject shell commands in the Management Console of Symantec Web Gateway, in order to execute code.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: user account.
Creation date: 17/12/2014.
Identifiers: BID-71620, CVE-2014-7285, KIS-2014-19, SYM14-016, VIGILANCE-VUL-15839.

Description of the vulnerability

The Symantec Web Gateway product offers a web Management Console, which requires an authentication.

However, an attacker can inject commands in one of the scripts. They are interpreted by the OS.

An authenticated attacker can therefore inject shell commands in the Management Console of Symantec Web Gateway, in order to execute code.

vulnerability note CVE-2013-5017 CVE-2014-1650 CVE-2014-1651

Symantec Web Gateway: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Web Gateway.
Impacted products: Symantec Web Gateway.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, client access/rights.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 17/06/2014.
Identifiers: BID-67752, BID-67753, BID-67754, BID-67755, CVE-2013-5017, CVE-2014-1650, CVE-2014-1651, CVE-2014-1652, SYM14-010, VIGILANCE-VUL-14904, VU#719172, ZDI-14-211.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Web Gateway.

An attacker can inject commands in SNMPConfig.php, in order to execute code. [severity:3/4; BID-67752, CVE-2013-5017, ZDI-14-211]

An attacker can use a SQL injection in user.php, in order to read or alter data. [severity:2/4; BID-67753, CVE-2014-1650]

An attacker can use a SQL injection in clientreport.php, in order to read or alter data. [severity:2/4; BID-67754, CVE-2014-1651]

An attacker can trigger a Cross Site Scripting in Report Parameters, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-67755, CVE-2014-1652]

vulnerability CVE-2013-5012 CVE-2013-5013

Symantec Web Gateway: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Web Gateway.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: client access/rights, data reading, data creation/edition, data deletion.
Provenance: document.
Number of vulnerabilities in this bulletin: 2.
Creation date: 11/02/2014.
Identifiers: BID-65404, BID-65405, CVE-2013-5012, CVE-2013-5013, SYM14-003, VIGILANCE-VUL-14200.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Web Gateway.

A local attacker can use a SQL injection, in order to read or alter data. [severity:2/4; BID-65404, CVE-2013-5012]

An attacker can trigger a Cross Site Scripting, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-65405, CVE-2013-5013]

computer vulnerability note CVE-2013-1616 CVE-2013-1617 CVE-2013-4670

Symantec Web Gateway: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Web Gateway.
Impacted products: Symantec Web Gateway.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 26/07/2013.
Identifiers: BID-61101, BID-61102, BID-61103, BID-61104, BID-61105, BID-61106, CVE-2013-1616, CVE-2013-1617, CVE-2013-4670, CVE-2013-4671, CVE-2013-4672, CVE-2013-4673, SA-20130726-0, SYM13-008, VIGILANCE-VUL-13169.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Web Gateway.

An attacker can inject shell commands in /spywall/nameConfig.php and /spywall/networkConfig.php, in order to execute code. [severity:3/4; BID-61106, CVE-2013-1616, SA-20130726-0]

An attacker can use a SQL injection, in order to read or alter data. [severity:2/4; BID-61101, CVE-2013-1617, SA-20130726-0]

An attacker can trigger a Cross Site Scripting, in order to execute JavaScript code in the context of the web site. [severity:2/4; BID-61103, CVE-2013-4670, SA-20130726-0]

An attacker can trigger a Cross Site Request Forgery via posttime, in order to force the victim to perform operations. [severity:2/4; BID-61102, CVE-2013-4671, SA-20130726-0]

The sudo configuration (/etc/sudoers) allows the "apache" and "admin" users to execute privileged commands. [severity:2/4; BID-61104, CVE-2013-4672, SA-20130726-0]

An attacker can execute commands during the Radius authentication. [severity:2/4; BID-61105, CVE-2013-4673]

computer vulnerability alert CVE-2012-4178

Symantec Web Gateway: SQL injection via deptUploads_data.php

Synthesis of the vulnerability

An attacker can inject SQL code via spywall/includes/deptUploads_data.php, in order to read or to alter the contents of the Symantec Web Gateway database.
Impacted products: Symantec Web Gateway.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: intranet client.
Creation date: 09/08/2012.
Identifiers: BID-54721, CVE-2012-4178, VIGILANCE-VUL-11836.

Description of the vulnerability

The Symantec Web Gateway product offers a web service which for example displays information on threats:
  http://server/spywall/spywareinfo.php?sid=1234

The page "/spywall/includes/deptUploads_data.php" is designed to be included from another script. This page uses the "groupid" parameter to restrict SQL queries. However, this parameter is inserted directly into the SQL query, without being filtered.

An attacker can therefore inject SQL code via spywall/includes/deptUploads_data.php, in order to read or to alter the contents of the Symantec Web Gateway database.