SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  LANDESK Management Suite frm_coremainfrm.aspx Remote File Inclusion

Category: WEB-ATTACKS      

Landesk Management Suite is prone to multiple remote file-include vulnerabilities and a cross-site request-forgery vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information, execute arbitrary script code in the context of the web server process and to perform unauthorized actions in the context of a logged-in user of the affected application. This may aid in other attacks.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5362


Relevant Information