Arbitrary Code Execution Vulnerability in Symantec Web Gateway 5.0.x

Arbitrary Code Execution Vulnerability in Symantec Web Gateway 5.0.x

CVE-2012-0297 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by (1) injecting crafted data or (2) including crafted data.

Learn more about our Web App Pen Testing.