The vulnerable resources include edit.do, PatternFlow$viewReadOnly.flo, ComplianceFlow$edit.flo, saveSpamSettings.do and saveSpamSettings.do, as shown below:
Symantec Mail Security Appliance 8200/8300 - All versions
Vendor recommends upgrading to Symantec Brightmail Gateway version 8.0.1 or later.
Alternatively, please contact Symantec for technical support.
25 January 2009: Vulnerabilities discovered and documented
28 January 2009: Vendor notified
02 February 2009: Vendor confirmed receiving the original reports
08 February 2009: Vendor confirmed the identified vulnerabilities
23 April 2009: Vendor released patches for reported vulnerabilities
23 February 2010: Current advisory published
Dr. Marian Ventuneac