Published: 23/02/2010 Updated: 07/02/2013

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 384

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the console in Symantec IM Manager 8.3 and 8.4 prior to 8.4.13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec im manager 8.4
symantec im manager 8.3

CVE-2009-3036 #SpeeDr00t@Black Falcon#bid38241Symantec IM Manager Console HTML Injection Vulnerabilityinfodiscussionexploitsolutionreferences## Bugtraq ID: 38241 Class: Input Validation Error CVE: CVE-2009-3036<br/> Remote: Yes Local: No Published: Feb 1

Rafael B Brinhosa I am an experienced Information Security Consultant, Researcher and Security Architect with 20 years of experience including several years in Application Security Skilled in developing Information Security programs, assessments, and frameworks aligned to risk, security, and governance practices for organizations Experienced in manual and automated security

CWE-79 http://secunia.com/advisories/38672 http://www.securityfocus.com/bid/38241 http://www.vupen.com/english/advisories/2010/0438 http://osvdb.org/62446 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100218_00 https://nvd.nist.gov https://github.com/brinhosa/CVE-2009-3036

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2009-3036

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect