CVE ID: CVE-2010-0112

Description: Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Symantec IM Manager before 8.4.16 allow remote attackers to execute arbitrary SQL commands via (1) the rdReport parameter to rdpageimlogic.aspx, related to the sGetDefinition function in rdServer.dll, and SQL statements contained within a certain report file; (2) unspecified parameters in a DetailReportGroup (aka DetailReportGroup.lgx) action to rdpageimlogic.aspx; the (3) selclause, (4) whereTrendTimeClause, (5) TrendTypeForReport, (6) whereProtocolClause, or (7) groupClause parameter in a SummaryReportGroup (aka SummaryReportGroup.lgx) action to rdpageimlogic.aspx; the (8) loginTimeStamp, (9) dbo, (10) dateDiffParam, or (11) whereClause parameter in a LoggedInUsers (aka LoggedInUSers.lgx) action to (a) rdpageimlogic.aspx or (b) rdPage.aspx; the (12) selclause, (13) whereTrendTimeClause, (14) TrendTypeForReport, (15) whereProtocolClause, or (16) groupClause parameter to rdpageimlogic.aspx; (17) the groupList parameter to IMAdminReportTrendFormRun.asp; or (18) the email parameter to IMAdminScheduleReport.asp.

Test IDs: 1.3.6.1.4.1.25623.1.0.100876

Cross References:

- Common Vulnerability Exposure (CVE) ID: CVE-2010-0112
- BugTraq ID: 44299
- http://www.securityfocus.com/bid/44299
- http://www.zerodayinitiative.com/advisories/ZDI-10-220/
- http://www.zerodayinitiative.com/advisories/ZDI-10-221/
- http://www.zerodayinitiative.com/advisories/ZDI-10-222/
- http://www.zerodayinitiative.com/advisories/ZDI-10-223/
- http://www.zerodayinitiative.com/advisories/ZDI-10-224/
- http://www.zerodayinitiative.com/advisories/ZDI-10-225/
- http://www.zerodayinitiative.com/advisories/ZDI-10-226/
- http://osvdb.org/68901
- http://osvdb.org/68902
- http://osvdb.org/68903
- http://www.securitytracker.com/id?1024648
- http://secunia.com/advisories/41959
- http://www.vupen.com/english/advisories/2010/2789
- XForce ISS Database: immanager-unspecified-sql-injection(62806)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/62806