cpe:/a:symantec:antivirus:-:-:srv cpe:/a:symantec:antivirus:9.0:-:corporate cpe:/a:symantec:antivirus:10.0::corporate cpe:/a:symantec:antivirus:10.0.1::corporate cpe:/a:symantec:antivirus:10.0.1.1::corporate cpe:/a:symantec:antivirus:10.0.2::corporate cpe:/a:symantec:antivirus:10.0.2.1::corporate cpe:/a:symantec:antivirus:10.0.2.2::corporate cpe:/a:symantec:antivirus:10.0.3::corporate cpe:/a:symantec:antivirus:10.0.4::corporate cpe:/a:symantec:antivirus:10.0.5::corporate cpe:/a:symantec:antivirus:10.0.6::corporate cpe:/a:symantec:antivirus:10.0.7::corporate cpe:/a:symantec:antivirus:10.0.8::corporate cpe:/a:symantec:antivirus:10.0.9::corporate cpe:/a:symantec:antivirus:10.1::corporate cpe:/a:symantec:antivirus:10.2::corporate cpe:/a:symantec:antivirus_central_quarantine_server cpe:/a:symantec:client_security:2.0 cpe:/a:symantec:client_security:3.0 cpe:/a:symantec:client_security:3.0.0.359 cpe:/a:symantec:client_security:3.0.1.1000 cpe:/a:symantec:client_security:3.0.1.1001 cpe:/a:symantec:client_security:3.0.1.1007 cpe:/a:symantec:client_security:3.0.1.1008 cpe:/a:symantec:client_security:3.0.1.1009 cpe:/a:symantec:client_security:3.0.2 cpe:/a:symantec:client_security:3.0.2.2000 cpe:/a:symantec:client_security:3.0.2.2001 cpe:/a:symantec:client_security:3.0.2.2002 cpe:/a:symantec:client_security:3.0.2.2010 cpe:/a:symantec:client_security:3.0.2.2011 cpe:/a:symantec:client_security:3.0.2.2020 cpe:/a:symantec:client_security:3.0.2.2021 cpe:/a:symantec:client_security:3.1 cpe:/a:symantec:endpoint_protection:11.0 CVE-2009-1432 2009-04-30T16:30:00.627-04:00 2017-08-16T21:30:20.867-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2009-05-01T12:23:00.000-04:00 SECTRACK 1022136 SECTRACK 1022137 SECTRACK 1022138 BID 34668 SECUNIA 34856 SECUNIA 34935 VUPEN ADV-2009-1202 VUPEN ADV-2009-1204 IAVM IAVM:2009-A-0037 CONFIRM http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00 CONFIRM http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00 XF multiple-symantec-login-spoofing(50172) Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.