1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Symantec Web Gateway CVE-2012-2953

Web Attack: Symantec Web Gateway CVE-2012-2953

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a file upload vulnerability in Symantec Web Gateway

Additional Information

Symantec Web Gateway is a web security gateway appliance.

The application is prone to an arbitrary file-upload vulnerability due to a failure to properly sanitize user-supplied input. The problem affects the management scripts, and can be exploited to upload a file with an arbitrary name and to an arbitrary location on the affected system.

Successful exploits will result in attacker-supplied code executing in the context of the affected application.

Affected

  • Symantec Web Gateway 5.0.1
  • Symantec Web Gateway 5.0

Response

Vendor updates are available. Please see the references for more information.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube