PDA

Visualizza versione completa : Symantec Clientless VPN Gateway 4400 Series Multiple Vulnerabilities


Giorgius
10-08-2004, 13.38.38
Effetti:
Multiple vulnerabilities have been reported in Symantec Clientless VPN Gateway 4400 Series, where some have an unknown impact and others can be exploited to conduct cross-site scripting attacks or manipulate users' signon information.
1) Various unspecified vulnerabilities affect the ActiveX and HTML file browsers.
2) Various unspecified input validation errors within the end user UI can be exploited to conduct cross-site scripting attacks.
3) An error within the end user UI can be exploited by malicious users to manipulate other users' signon information (including username and password).

Info:
http://secunia.com/advisories/12254/