Vulnerability Details : CVE-2010-0112
Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file; (2) unspecified parameters in a DetailReportGroup (aka DetailReportGroup.lgx) action to rdpageimlogic.aspx; the (3) selclause, (4) whereTrendTimeClause, (5) TrendTypeForReport, (6) whereProtocolClause, or (7) groupClause parameter in a SummaryReportGroup (aka SummaryReportGroup.lgx) action to rdpageimlogic.aspx; the (8) loginTimeStamp, (9) dbo, (10) dateDiffParam, or (11) whereClause parameter in a LoggedInUsers (aka LoggedInUSers.lgx) action to (a) rdpageimlogic.aspx or (b) rdPage.aspx; the (12) selclause, (13) whereTrendTimeClause, (14) TrendTypeForReport, (15) whereProtocolClause, or (16) groupClause parameter to rdpageimlogic.aspx; (17) the groupList parameter to IMAdminReportTrendFormRun.asp; or (18) the email parameter to IMAdminScheduleReport.asp.
Vulnerability category: SQL Injection
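The advisory text above lists request parameters whose names (whereClause, selclause, groupClause, whereProtocolClause) indicate that whole SQL clause fragments are accepted from the client and spliced into report queries. The following is an added example, not Symantec's code or schema, that reproduces that pattern against a constructed SQLite table, shows how a crafted whereClause value rewrites the query, and contrasts it with the fix pattern for clause-as-parameter designs: an allowlist of filter columns plus bound parameters for values. Table and column names and the sample rows are all constructed for the illustration.

```python
import sqlite3

# Constructed sample data standing in for an IM Manager "logged in users" report
# table and an unrelated sensitive table. Not the product's real schema.
SAMPLE_USERS = [
    ("alice", "MSN", "2010-10-27 09:00:00"),
    ("bob", "AIM", "2010-10-27 09:05:00"),
    ("carol", "MSN", "2010-10-27 09:10:00"),
]


def make_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE logged_in_users (name TEXT, protocol TEXT, login_ts TEXT)")
    con.execute("CREATE TABLE admin_credentials (username TEXT, pw_hash TEXT)")
    con.executemany("INSERT INTO logged_in_users VALUES (?, ?, ?)", SAMPLE_USERS)
    con.execute("INSERT INTO admin_credentials VALUES ('admin', 'constructed-hash')")
    return con


def vulnerable_report(con, where_clause):
    # Vulnerable pattern (the one the advisory describes): the request parameter
    # is itself a SQL fragment and is concatenated straight into the statement.
    sql = "SELECT name, protocol FROM logged_in_users WHERE " + where_clause
    return con.execute(sql).fetchall()


# Hardened pattern: the client may only name columns from a fixed vocabulary,
# and every value is bound as a parameter. A clause can never be supplied whole.
ALLOWED_FILTER_COLUMNS = {"name", "protocol", "login_ts"}


def hardened_report(con, filters):
    clauses, params = [], []
    for column, value in filters:
        if column not in ALLOWED_FILTER_COLUMNS:
            raise ValueError("unknown filter column: %r" % column)
        clauses.append('"%s" = ?' % column)  # column is allowlisted, value is bound
        params.append(value)
    sql = "SELECT name, protocol FROM logged_in_users"
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    sql += " ORDER BY name"
    return con.execute(sql, params).fetchall()


def demo():
    con = make_db()
    legit = "protocol = 'MSN'"
    # Constructed attack value: neutralise the intended filter and append a UNION
    # that pulls rows from a table the report was never meant to touch.
    injected = "1=0 UNION SELECT username, pw_hash FROM admin_credentials"
    try:
        hardened_report(con, [("protocol; DROP TABLE logged_in_users", "x")])
        bad_column_rejected = False
    except ValueError:
        bad_column_rejected = True
    return {
        "legit_vulnerable": vulnerable_report(con, legit),
        "injected_vulnerable": vulnerable_report(con, injected),
        # The same attack string is now just a value compared against protocol.
        "injected_hardened": hardened_report(con, [("protocol", injected)]),
        "legit_hardened": hardened_report(con, [("protocol", "MSN")]),
        "bad_column_rejected": bad_column_rejected,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

The design point is that binding alone does not fix an interface whose parameter is a clause: there is no placeholder for "an arbitrary WHERE expression", so the server must own the SQL and expose only column names it validates against an allowlist. For a filter value, the attack string becomes a harmless literal; for a column name, it is rejected before any SQL is built.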
Exploit prediction scoring system (EPSS) score for CVE-2010-0112
Probability of exploitation activity in the next 30 days: 96.96%
Percentile (proportion of all scored vulnerabilities with an EPSS score at or below this one): ~100%
CVSS scores for CVE-2010-0112
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source
---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST
CWE ids for CVE-2010-0112
- The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0112
-
http://www.zerodayinitiative.com/advisories/ZDI-10-224/
ZDI-10-224 | Zero Day Initiative
-
http://www.securityfocus.com/bid/44299
Symantec IM Manager Multiple SQL Injection Vulnerabilities
-
http://www.zerodayinitiative.com/advisories/ZDI-10-225/
ZDI-10-225 | Zero Day Initiative
-
http://www.zerodayinitiative.com/advisories/ZDI-10-223/
ZDI-10-223 | Zero Day Initiative
-
http://www.vupen.com/english/advisories/2010/2789
VUPEN Security Advisory 2010/2789 (Vendor Advisory)
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101027_01
Symantec IM Manager Multiple SQL Injection Issues
-
http://www.zerodayinitiative.com/advisories/ZDI-10-220/
ZDI-10-220 | Zero Day Initiative
-
http://www.zerodayinitiative.com/advisories/ZDI-10-221/
ZDI-10-221 | Zero Day Initiative
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/62806
Symantec IM Manager multiple SQL injection CVE-2010-0112 Vulnerability Report
-
http://www.securitytracker.com/id?1024648
Symantec IM Manager Input Validation Flaws Let Remote Users Inject SQL Commands - SecurityTracker
-
http://www.zerodayinitiative.com/advisories/ZDI-10-226/
ZDI-10-226 | Zero Day Initiative
-
http://www.zerodayinitiative.com/advisories/ZDI-10-222/
ZDI-10-222 | Zero Day Initiative
Products affected by CVE-2010-0112
- cpe:2.3:a:symantec:im_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.3:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:6.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:7.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.12:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:im_manager:8.4.13:*:*:*:*:*:*:*