VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 30, 2009· Updated Apr 23, 2026

CVE-2009-1432

CVE-2009-1432

Description

Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.

Affected products

8
  • Symantec/Antivirus4 versions
    cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*+ 3 more
    • cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*
    • cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*
    • cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*
    • cpe:2.3:a:symantec:antivirus:10.2:maintenance_release1:*:*:corporate:*:*:*
  • Symantec/Client Security2 versions
    cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*
    • cpe:2.3:a:symantec:client_security:3.1:maintenance_release7:*:*:*:*:*:*
  • Symantec/Endpoint Protection2 versions
    cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*
    • cpe:2.3:a:symantec:endpoint_protection:11.0:maintenance_release1:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

10

News mentions

0

No linked articles in our index yet.