Lucene search
SymantecCVELIST:CVE-2014-3437HistoryNov 07, 2014 - 11:00 a.m.
CVE-2014-3437
2014-11-0711:00:00
symantec
www.cve.org
5
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
References
seclists.org/fulldisclosure/2014/Nov/7
www.securityfocus.com/archive/1/533918/100/0/threaded
www.securityfocus.com/bid/70843
www.securitytracker.com/id/1031176
www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00
exchange.xforce.ibmcloud.com/vulnerabilities/98525
Related
cve
cve
CVE-2014-3437
2014-11-07 11:55:03
nvd
nvd
CVE-2014-3437
2014-11-07 11:55:03
prion
prion
Xxe
2014-11-07 11:55:00
securityvulns
securityvulns
openvas
openvas
Symantec Endpoint Protection Manager Multiple Vulnerabilities (Dec 2014)
2014-12-04 00:00:00
nessus
nessus
symantec
symantec
Symantec Endpoint Protection Manager Multiple Issues
2014-11-05 08:00:00
exploitdb
exploitdb
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-06 00:00:00
exploitpack
exploitpack
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-06 00:00:00
zdt
zdt
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-06 00:00:00
packetstorm
packetstorm
Symantec Endpoint Protection 12.1.4023.4080 XXE / XSS / Arbitrary File Write
2014-11-06 00:00:00
seebug
seebug
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
2014-11-13 00:00:00