CVE-2012-2977 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2012-2977

CWE

https://cwe.mitre.org/data/definitions/264.html

The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to change arbitrary passwords via crafted input to an application script.

Affected Software

Name	Vendor	Start Version	End Version
Web_gateway	Symantec	5.0 (including)	5.0 (including)
Web_gateway	Symantec	5.0.1 (including)	5.0.1 (including)
Web_gateway	Symantec	5.0.2 (including)	5.0.2 (including)
Web_gateway	Symantec	5.0.3 (including)	5.0.3 (including)

References

http://www.kb.cert.org/vuls/id/108471
http://www.securityfocus.com/bid/54430
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120720_00
http://www.kb.cert.org/vuls/id/108471
http://www.securityfocus.com/bid/54430
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20120720_00