NVD脆弱性詳細

CVE-2006-3072

概要	M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation.
公表日	2006年6月19日19:02
登録日	2021年1月29日15:39
最終更新日	2017年7月20日10:32

CVSS2.0 : MEDIUM
スコア	4.6
ベクター	AV:L/AC:L/Au:N/C:P/I:P/A:P
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	低
可用性への影響(A)	低
全ての特権を取得	いいえ
ユーザー権限を取得	はい
その他の権限を取得	いいえ
ユーザー操作が必要	いいえ

影響を受けるソフトウェアの構成

構成1	以上	以下	より上	未満
cpe:2.3:a:symantec:security_information_manager:4.0.2:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.1:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.2:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.3:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.4:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.5:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.6:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.7:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.8:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.9:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.10:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.11:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.12:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.13:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.14:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.15:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.16:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.17:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.18:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.19:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.20:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.21:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.22:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.23:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.24:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.25:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.26:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.27:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.28:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.29:::::::*

構成1	以上	以下	より上	未満
cpe:2.3:a:symantec:security_information_manager:4.0.2:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.1:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.2:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.3:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.4:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.5:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.6:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.7:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.8:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.9:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.10:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.11:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.12:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.13:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.14:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.15:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.16:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.17:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.18:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.19:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.20:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.21:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.22:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.23:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.24:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.25:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.26:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.27:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.28:::::::*
cpe:2.3:a:symantec:security_information_manager:4.0.2.29:::::::*

No	URL	refsource	タグ
1	http://secunia.com/advisories/20647	SECUNIA	Patch Vendor Advisory
2	http://securityresponse.symantec.com/avcenter/security/Content/2006.06.13b.html	CONFIRM
3	http://securitytracker.com/id?1016296	SECTRACK	Patch
4	http://www.securityfocus.com/bid/18420	BID
5	http://www.vupen.com/english/advisories/2006/2334	VUPEN
6	https://exchange.xforce.ibmcloud.com/vulnerabilities/27105	XF