Overview
The ActiveX and HTML file browsers in the Symantec Clientless VPN Gateway 4400 Series contain various unspecified vulnerabilities.
Description
The Symantec Clientless VPN Gateway 4400 Series is a stand-alone security appliance for connecting remote users to a trusted network via a virtual private network. The ActiveX and HTML file browsers included with the 4400 Series VPN Gateway contain various vulnerabilities. The specifics of the vulnerabilities are not known. |
Impact
These vulnerabilities may result in unauthorized access to the system or lead to unpredictable behavior. |
Solution
Apply a Hotfix Symantec has posted a hotfix to address this issue. The hotfix is labeled Hotfix: SCVG5-20040806-00 and can be located at: |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- http://secunia.com/advisories/12254/
- http://www.securitytracker.com/alerts/2004/Aug/1010918.html
- http://securityresponse.symantec.com/avcenter/security/Content/2004.08.13.html
- ftp://ftp.symantec.com/public/english_us_canada/products/sym_clientless_vpn/sym_clientless_vpn_5/updates/hf3-readme.txt
- http://www.osvdb.org/displayvuln.php?osvdb_id=8508
Acknowledgements
This vulnerability was discovered by Symantec
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | None |
| Severity Metric: | 0.62 |
| Date Public: | 2004-08-10 |
| Date First Published: | 2004-10-20 |
| Date Last Updated: | 2004-10-20 17:52 UTC |
| Document Revision: | 75 |