CVE-2010-3719 Information

Description

Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified parameters to the ScheduleTask method.

Reference

http://osvdb.org/70755 http://secunia.com/advisories/43143 http://www.securityfocus.com/archive/1/516103/100/0/threaded http://www.securityfocus.com/bid/45946 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110131_00 http://www.vupen.com/english/advisories/2011/0259 http://www.zerodayinitiative.com/advisories/ZDI-11-037 https://exchange.xforce.ibmcloud.com/vulnerabilities/65040