Detections
Analytics

CVE-2010-3719

critical

Description

Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65040

http://www.zerodayinitiative.com/advisories/ZDI-11-037

http://www.vupen.com/english/advisories/2011/0259

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00

http://www.securityfocus.com/bid/45946

http://www.securityfocus.com/archive/1/516103/100/0/threaded

http://secunia.com/advisories/43143

http://osvdb.org/70755

Details

Source: Mitre, NVD

Published: 2011-02-02

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.07589