Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2012-4347 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 5.0 MEDIUM | N/A |
Multiple directory traversal vulnerabilities in the management console in Symantec Messaging Gateway (SMG) 9.5.x allow remote authenticated users to read arbitrary files via a .. (dot dot) in the (1) logFile parameter in a logs action to brightmail/export or (2) localBackupFileSelection parameter in an APPLIANCE restoreSource action to brightmail/admin/restore/download.do. | |||||
CVE-2012-3579 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 7.9 HIGH | N/A |
Symantec Messaging Gateway (SMG) before 10.0 has a default password for an unspecified account, which makes it easier for remote attackers to obtain privileged access via an SSH session. | |||||
CVE-2012-3581 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 3.3 LOW | N/A |
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially sensitive information about component versions via unspecified vectors. | |||||
CVE-2012-3580 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 7.7 HIGH | N/A |
Symantec Messaging Gateway (SMG) before 10.0 allows remote authenticated users to modify the web application by leveraging access to the management interface. | |||||
CVE-2012-0307 | 1 Symantec | 1 Messaging Gateway | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Symantec Messaging Gateway (SMG) before 10.0 allow remote attackers to inject arbitrary web script or HTML via (1) web content or (2) e-mail content. |