QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-6325

Back to search

CVE-2017-6325

Published: Jun 26, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application.

VendorProductVersions

Symantec Corporation

Messaging Gateway

affected
All versions prior to version 10.6.3

References

1038785
vdb-entry
x_refsource_SECTRACK
98890
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now