Symantec IM Manager 8.x < 8.3.14 (SYM10-005 and SYM10-006)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The instant messaging security application running on the remote
Windows host may be affected by multiple vulnerabilities.

Description :

A version of Symantec IM Manager 8.x earlier than 8.3.14 is installed
on the remote Windows host. Such versions may be affected by one or
both of the following vulnerabilities :

- An integer overflow vulnerability in the third-party
Autonomy KeyView module can be triggered when parsing
a specially crafted OLE document and lead to a heap
overflow and execution of arbitrary code.
(CVE-2009-3032)

- The IM Manager console fails to properly filter user
input from non-privileged users with authorized access
to the console, which can be exploited to inject
arbitrary HTML or script code into a user's browser to
be executed within the security context of the affected
site. (CVE-2009-3036)

See also :

http://www.nessus.org/u?8c5c8bce
http://seclists.org/fulldisclosure/2010/Mar/109
http://www.nessus.org/u?1b9ba8c5
http://www.nessus.org/u?9374523c

Solution :

Upgrade to Symantec IM Manager 8.4.13 (build 8.4.1362) or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.5
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 45018

Bugtraq ID: 38241, 38468

CVE ID: CVE-2009-3032, CVE-2009-3036
