1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Plixer Scrutinizer CVE-2012-3951

Attack: Plixer Scrutinizer CVE-2012-3951

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects an attempt to exploit a security-bypass vulnerability in Scrutinizer which may result in remote code execution.

Additional Information

Scrutinizer is a PHP-based web application.

Scrutinizer is prone to a security-bypass vulnerability because it is configured with the user default password for authentication.

Successful attacks can allow an attackers to gain access to the affected application using the default authentication credentials.

According to Plixer, this issue has been acknowledged and patched. The affected version is 9.0.1. The bug has been addressed and resolved in version 9.5. The vulnerable version of this software is no longer available.

Affected

  • Scrutinizer 9.0.1.19899

Response

No further action is required but you may wish to perform some of the following actions as a precautionary measure.
Run the Norton Power Eraser. (home users)
Run the Symantec Power Eraser. (business users)
Update your product definitions and perform a full system scan.
Submit suspicious files to Symantec for analysis.

If you believe that the signature is reported erroneously, please read the following:
Report a potential false positive to Symantec.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube