Symantec Web Gateway timer.php XSS (SYM12-006)

Severity: Medium | Nessus Plugin ID 59097
Synopsis

A web security application hosted on the remote web server has a cross-site scripting vulnerability.

Description

The remote web server is hosting a version of Symantec Web Gateway that is vulnerable to cross-site scripting attacks. Input to the 'l' parameter of timer.php is not properly sanitized. An attacker could exploit this by tricking a user into making a malicious request, resulting in arbitrary script code execution. There are reportedly other cross-site scripting vulnerabilities in this version of the software, though Nessus has not checked for those issues.

Solution

Upgrade to Symantec Web Gateway 5.0.3 or later.

See Also

http://www.nessus.org/u?5b5929ae

Plugin Details

Severity: Medium

ID: 59097

File Name: symantec_web_gateway_timer_xss.nasl

Version: 1.10

Type: remote

Published: 5/15/2012

Updated: 1/19/2021

Dependencies: 55627

Risk Information

Risk Factor: Medium

VPR Score: 3

CVSS v2.0

Base Score: 4.3

Temporal Score: 3.7

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:symantec:web_gateway

Required KB Items: www/symantec_web_gateway

Exploit Available: false

Exploit Ease: No exploit is required

Patch Publication Date: 5/17/2012

Vulnerability Publication Date: 5/4/2012

Reference Information

CVE: CVE-2012-0296

BID: 53396

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990