Description
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Exploits
35181 | 2014-11-06 | webapps | JSP
Symantec Endpoint Protection 12.1.4023.4080 - Multiple Vulnerabilities
By SEC Consult
References
secure@symantec.com
http://seclists.org/fulldisclosure/2014/Nov/7
http://www.securityfocus.com/archive/1/533918/100/0/threaded
http://www.securityfocus.com/bid/70843
http://www.securitytracker.com/id/1031176
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00
https://exchange.xforce.ibmcloud.com/vulnerabilities/98525