CVE-2011-0551 Information

Description

Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Reference

http://secunia.com/advisories/43662 http://securitytracker.com/id?1025919 http://www.osvdb.org/74467 http://www.securityfocus.com/bid/49101 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00