Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload Vulnerability

Bugtraq ID: 27487
Class: Input Validation Error
CVE: CVE-2008-0457
Remote: Yes
Local: No
Published: Feb 05 2008 12:00AM
Updated: Feb 07 2008 10:36PM
Credit: Titon of BastardLabs, working with 3COM/TippingPoint, and the Zero Day Initiative is credited with the discovery of this issue.
Vulnerable: Symantec Backup Exec System Recovery Manager 7.0.1
Symantec Backup Exec System Recovery Manager 7.0
Not Vulnerable: Symantec Backup Exec System Recovery Manager 7.0.3


 

Privacy Statement
Copyright 2010, SecurityFocus