Vulnerabilites related to symantec - antivirus
CVE-2009-1430 (GCVE-0-2009-1430)
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1430",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1793 (GCVE-0-2007-1793)
Vulnerability from cvelistv5
Published
2007-04-02 22:00
Modified
2024-08-07 13:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:06:26.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-1192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021389"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-1192",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021389"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-1192",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"name": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20070401 Norton Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"name": "1021386",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"name": "1017837",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017837"
},
{
"name": "23241",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23241"
},
{
"name": "1021388",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"name": "1021389",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"name": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html",
"refsource": "CONFIRM",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"name": "symantec-firewall-ssdt-dos(33352)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php",
"refsource": "MISC",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"name": "34692",
"refsource": "OSVDB",
"url": "http://osvdb.org/34692"
},
{
"name": "1017838",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017838"
},
{
"name": "1021387",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"name": "24677",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24677"
},
{
"name": "20070918 Plague in (security) software drivers \u0026 BSDOhook utility",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1793",
"datePublished": "2007-04-02T22:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:06:26.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3268 (GCVE-0-2010-3268)
Vulnerability from cvelistv5
Published
2010-12-22 20:00
Modified
2024-08-07 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.900Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "ADV-2010-3206",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"name": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"name": "42593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42593"
},
{
"name": "1024866",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"name": "symantec-antivirus-handler-service-dos(64028)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3268",
"datePublished": "2010-12-22T20:00:00",
"dateReserved": "2010-09-09T00:00:00",
"dateUpdated": "2024-08-07T03:03:18.900Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4953 (GCVE-0-2012-4953)
Vulnerability from cvelistv5
Published
2012-11-14 11:00
Modified
2024-08-06 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:18.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56399"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-02T10:00:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56399"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2012-4953",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"name": "VU#985625",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"name": "1027726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"name": "56399",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56399"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2012-4953",
"datePublished": "2012-11-14T11:00:00",
"dateReserved": "2012-09-17T00:00:00",
"dateUpdated": "2024-08-06T20:50:18.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1432 (GCVE-0-2009-1432)
Vulnerability from cvelistv5
Published
2009-04-30 20:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34668"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34668"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1432",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022137",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022137"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022138",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022138"
},
{
"name": "34935",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34935"
},
{
"name": "1022136",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022136"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"name": "ADV-2009-1202",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"name": "multiple-symantec-login-spoofing(50172)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"name": "34668",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34668"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1432",
"datePublished": "2009-04-30T20:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.548Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1431 (GCVE-0-2009-1431)
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1431",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3104 (GCVE-0-2009-3104)
Vulnerability from cvelistv5
Published
2009-09-08 22:00
Modified
2024-08-07 06:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:56.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
},
{
"name": "36493",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36493"
},
{
"name": "ADV-2009-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2449"
},
{
"name": "57429",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/57429"
},
{
"name": "34670",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34670"
},
{
"name": "symantec-email-scan-dos(52820)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
},
{
"name": "36493",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36493"
},
{
"name": "ADV-2009-2449",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2449"
},
{
"name": "57429",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/57429"
},
{
"name": "34670",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34670"
},
{
"name": "symantec-email-scan-dos(52820)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3104",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
},
{
"name": "36493",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36493"
},
{
"name": "ADV-2009-2449",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2449"
},
{
"name": "57429",
"refsource": "OSVDB",
"url": "http://osvdb.org/57429"
},
{
"name": "34670",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34670"
},
{
"name": "symantec-email-scan-dos(52820)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3104",
"datePublished": "2009-09-08T22:00:00",
"dateReserved": "2009-09-08T00:00:00",
"dateUpdated": "2024-08-07T06:14:56.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1429 (GCVE-0-2009-1429)
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34671"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"refsource": "OSVDB",
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1429",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0111 (GCVE-0-2010-0111)
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-029",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43106"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0111",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:53.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0106 (GCVE-0-2010-0106)
Vulnerability from cvelistv5
Published
2010-02-19 17:00
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-0410",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-0410",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"name": "symantec-ondemand-dos(56354)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"name": "1023621",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"name": "38219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"name": "38653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38653"
},
{
"name": "62414",
"refsource": "OSVDB",
"url": "http://osvdb.org/62414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0106",
"datePublished": "2010-02-19T17:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0108 (GCVE-0-2010-0108)
Vulnerability from cvelistv5
Published
2010-02-19 17:00
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.133Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "scp-cliproxy-activex-bo(56355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"name": "20100219 [DSECRG-09-039] Symantec Antivirus 10.0 ActiveX - buffer Overflow.",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"name": "http://dsecrg.com/pages/vul/show.php?id=139",
"refsource": "MISC",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"name": "38651",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38651"
},
{
"name": "38222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"name": "ADV-2010-0412",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0108",
"datePublished": "2010-02-19T17:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.133Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0110 (GCVE-0-2010-0110)
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-07 00:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-031",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-028",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-032",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-030",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0110",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0688 (GCVE-0-2011-0688)
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-06 21:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:26.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0688",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2011-01-31T00:00:00",
"dateUpdated": "2024-08-06T21:58:26.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-5543 (GCVE-0-2008-5543)
Vulnerability from cvelistv5
Published
2008-12-12 18:13
Modified
2024-08-07 10:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:56:46.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5543",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-antivirus-mzheader-code-execution(47435)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"name": "4723",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4723"
},
{
"name": "20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"name": "20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5543",
"datePublished": "2008-12-12T18:13:00",
"dateReserved": "2008-12-12T00:00:00",
"dateUpdated": "2024-08-07T10:56:46.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1428 (GCVE-0-2009-1428)
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to "two parsing errors."
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-symantec-log-xss(50170)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-symantec-log-xss(50170)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1428",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-symantec-log-xss(50170)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"name": "ADV-2009-1203",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"name": "34669",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"name": "1022135",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"name": "1022134",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"name": "1022133",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"name": "34936",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34936"
},
{
"name": "54132",
"refsource": "OSVDB",
"url": "http://osvdb.org/54132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1428",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/54157 | ||
| cve@mitre.org | http://secunia.com/advisories/34856 | Vendor Advisory | |
| cve@mitre.org | http://securityreason.com/securityalert/8346 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34671 | Exploit | |
| cve@mitre.org | http://www.securitytracker.com/id?1022130 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022131 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022132 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1204 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50176 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/54157 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34856 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/8346 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34671 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022130 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022131 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022132 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1204 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50176 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | - | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus_central_quarantine_server | * | |
| symantec | client_security | * | |
| symantec | client_security | 2.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0.0.359 | |
| symantec | client_security | 3.0.1.1000 | |
| symantec | client_security | 3.0.1.1001 | |
| symantec | client_security | 3.0.1.1007 | |
| symantec | client_security | 3.0.1.1008 | |
| symantec | client_security | 3.0.1.1009 | |
| symantec | client_security | 3.0.2 | |
| symantec | client_security | 3.0.2.2000 | |
| symantec | client_security | 3.0.2.2001 | |
| symantec | client_security | 3.0.2.2002 | |
| symantec | client_security | 3.0.2.2010 | |
| symantec | client_security | 3.0.2.2011 | |
| symantec | client_security | 3.0.2.2020 | |
| symantec | client_security | 3.0.2.2021 | |
| symantec | endpoint_protection | * | |
| symantec | system_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
},
{
"lang": "es",
"value": "El LANDesk Common Base Agent (CBA) de Intel en Alert Management System 2 (AMS2) de Symantec, tal y como es usado en System Center (SSS) de Symantec; AntiVirus Server de Symantec; AntiVirus Central Quarantine Server de Symantec; Symantec AntiVirus (SAV) Corporate Edition versiones 9 anteriores a 9.0 MR7, versiones 10.0 y 10.1 anteriores a 10.1 MR8, y versiones 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) versiones 2 anteriores a 2.0 MR7 y versiones 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a versi\u00f3n 11.0 MR3, permite a atacantes remotos ejecutar comandos arbitrarios por medio de un paquete dise\u00f1ado cuyo contenido se interpreta como un comando para ser iniciado en un nuevo proceso mediante la funci\u00f3n CreateProcessA."
}
],
"id": "CVE-2009-1429",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-14 12:30
Modified
2025-04-11 00:51
Severity ?
Summary
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/985625 | US Government Resource | |
| cret@cert.org | http://www.securityfocus.com/bid/56399 | ||
| cret@cert.org | http://www.securitytracker.com/id?1027726 | ||
| cret@cert.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/985625 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/56399 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1027726 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00 |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0:-:corporate:*:*:*:*:*",
"matchCriteriaId": "1D89BB8F-3BB5-45D0-9C34-66FCE8882716",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*",
"matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:scan_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9173FE69-9654-4D5C-864B-B64D840382F0",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "El motor de descomposici\u00f3n en Symantec Endpoint Protection (SEP) v11.0, Symantec Endpoint Protection Small Business Edition v12.0, Symantec AntiVirus Corporate Edition (SAVCE) v10.x y Symantec Scan Engine (ESE) antes de v5.2.8 no realiza , de forma adecuada, comprobaciones sobre los l\u00edmites de los contenidos de los archivos CAB, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un archivo modificado.\r\n"
}
],
"id": "CVE-2012-4953",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-11-14T12:30:59.727",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/56399"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"source": "cret@cert.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/985625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/56399"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2012\u0026suid=20121107_00"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-12-12 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://securityreason.com/securityalert/4723 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/498995/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/499043/100/0/threaded | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securityreason.com/securityalert/4723 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/498995/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/499043/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/47435 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| microsoft | internet_explorer | 6 | |
| microsoft | internet_explorer | 7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*",
"matchCriteriaId": "693D3C1C-E3E4-49DB-9A13-44ADDFF82507",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*",
"matchCriteriaId": "1A33FA7F-BB2A-4C66-B608-72997A2BD1DB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka \"EXE info\") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit."
},
{
"lang": "es",
"value": "Symantec AntiVirus (SAV) 10, cuando se utiliza Internet Explorer 6 o 7, permite a atacantes remotos eludir la detecci\u00f3n de malware en un documento HTML colocando una cabecera MZ (alias \"EXE info\") al principio, y modificar el nombre del archivo a (1 ) sin extensi\u00f3n, (2) una extensi\u00f3n. txt, o (3) una extensi\u00f3n .jpg, como lo demuestra un documento que contiene un exploit CVE-2006-5745."
}
],
"id": "CVE-2008-5543",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-12-12T18:30:03.127",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4723"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/499043/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47435"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-30 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/34856 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34935 | Third Party Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1022136 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://securitytracker.com/id?1022137 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://securitytracker.com/id?1022138 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securityfocus.com/bid/34668 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1202 | Third Party Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1204 | Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50172 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34856 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34935 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022136 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022137 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1022138 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34668 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_00 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1202 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1204 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50172 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:-:*:*:corporate:*:*:*",
"matchCriteriaId": "357629A3-1F45-477D-B560-B4AFB6E163E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:maintenance_release7:*:*:corporate:*:*:*",
"matchCriteriaId": "D2126B10-14E6-4B47-8DA2-361BD51BD378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:-:*:*:corporate:*:*:*",
"matchCriteriaId": "11C99ECE-8A4E-4DF3-98CF-4B8E15F6662A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:maintenance_release1:*:*:corporate:*:*:*",
"matchCriteriaId": "D4B0ACE4-1374-40DF-8E52-C1785753ACBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:-:*:*:*:*:*:*",
"matchCriteriaId": "96B92C62-EB73-4777-9307-677754819F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:maintenance_release7:*:*:*:*:*:*",
"matchCriteriaId": "A63081A8-FB67-4E43-98CF-CD59D7BA5556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "D62FBC34-2CA4-430E-B3DF-8948E9F91B02",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled."
},
{
"lang": "es",
"value": "Symantec Reporting Server, utilizado en Symantec AntiVirus (SAV) Corporate Edition v10.1 anterior a v10.1 MR8 y v10,2 antes de v10.2 MR2, Symantec Client Security (SCS), antes de v3.1 MR8, y el componente Symantec Endpoint Protection Manager (SEPM) en Symantec Endpoint Protection (SEP) anterior a v11.0 MR2, permite a atacantes remotos inyectar texto arbitrario en la pantalla de inicio de sesi\u00f3n y, posiblemente, realizar ataques de phishing, a trav\u00e9s de vectores relacionados con un URL que no est\u00e1 bien manejada."
}
],
"id": "CVE-2009-1432",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-30T20:30:00.627",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34935"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34668"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1022138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34668"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50172"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://dsecrg.com/pages/vul/show.php?id=139 | ||
| cve@mitre.org | http://secunia.com/advisories/38651 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/509681/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/38222 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/0412 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/56355 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://dsecrg.com/pages/vul/show.php?id=139 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38651 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/509681/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/38222 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0412 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/56355 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1.0.1 | |
| symantec | antivirus | 10.1.4 | |
| symantec | antivirus | 10.1.4.1 | |
| symantec | antivirus | 10.1.5 | |
| symantec | antivirus | 10.1.5.1 | |
| symantec | antivirus | 10.1.6 | |
| symantec | antivirus | 10.1.6.1 | |
| symantec | antivirus | 10.1.7 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0.0.359 | |
| symantec | client_security | 3.0.1.1000 | |
| symantec | client_security | 3.0.1.1007 | |
| symantec | client_security | 3.0.1.1008 | |
| symantec | client_security | 3.0.2 | |
| symantec | client_security | 3.0.2.2000 | |
| symantec | client_security | 3.0.2.2001 | |
| symantec | client_security | 3.0.2.2010 | |
| symantec | client_security | 3.0.2.2011 | |
| symantec | client_security | 3.0.2.2020 | |
| symantec | client_security | 3.0.2.2021 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1.0.396 | |
| symantec | client_security | 3.1.0.401 | |
| symantec | client_security | 3.1.394 | |
| symantec | client_security | 3.1.400 | |
| symantec | client_security | 3.1.401 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C311B10-D660-4F50-828D-6D2CDBE550BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
"matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en un control ActiveX en el proxy de cliente de Symantec (CLIproxy.dll) en Symantec AntiVirus v10.0.x, v10.1.x anterior a MR9 y v10.2.x anterior a MR4 y Symantec Client Security v3.0.x y v3.1.x anterior a MR9 podr\u00eda permitir a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionados con un proxy."
}
],
"id": "CVE-2010-0108",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-19T17:30:00.690",
"references": [
{
"source": "cve@mitre.org",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38651"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dsecrg.com/pages/vul/show.php?id=139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/509681/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/43099 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/43106 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1024996 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45936 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-11-028 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-11-030 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-11-031 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-11-032 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/64940 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43099 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43106 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024996 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45936 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-11-028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-11-030 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-11-031 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-11-032 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/64940 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.1.2 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1.0.1 | |
| symantec | antivirus | 10.1.4 | |
| symantec | antivirus | 10.1.4.1 | |
| symantec | antivirus | 10.1.5 | |
| symantec | antivirus | 10.1.5.1 | |
| symantec | antivirus | 10.1.6 | |
| symantec | antivirus | 10.1.6.1 | |
| symantec | antivirus | 10.1.7 | |
| symantec | antivirus | 10.1.8 | |
| symantec | antivirus | 10.1.9 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | system_center | 10.0 | |
| symantec | system_center | 10.1 | |
| symantec | antivirus_central_quarantine_server | 3.5 | |
| symantec | antivirus_central_quarantine_server | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en Intel Alert Management System (tambi\u00e9n conocido como AMS o AMS2), como es usado en Symantec AntiVirus Corporate Edition (SAVCE) v10.x anterior a v10.1 MR10, Symantec System Center (SSC) v10.x,y Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) una cadena larga para msgsys.exe, relacionada con la funci\u00f3n AMSSendAlertAct en AMSLIB.dll en el servicio Intel Alert Handler (tambi\u00e9n conocido como servicio Symantec Intel Handler); una larga (2)cadena modem o (3) n\u00famero PIN para msgsys.exe, relacionado con pagehndl.dll en el servicio Intel Alert Handler; o (4) un mensaje para msgsys.exe, relacionado con iao.exe en el servicio Intel Alert Originator ."
}
],
"id": "CVE-2010-0110",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-31T21:00:01.610",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/34856 | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/503080/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34672 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34674 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022130 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022131 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022132 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1204 | ||
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-09-018/ | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50177 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50178 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34856 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/503080/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34672 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34674 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022130 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022131 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022132 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1204 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-09-018/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50177 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50178 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | - | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus_central_quarantine_server | * | |
| symantec | client_security | * | |
| symantec | client_security | 2.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0.0.359 | |
| symantec | client_security | 3.0.1.1000 | |
| symantec | client_security | 3.0.1.1001 | |
| symantec | client_security | 3.0.1.1007 | |
| symantec | client_security | 3.0.1.1008 | |
| symantec | client_security | 3.0.1.1009 | |
| symantec | client_security | 3.0.2 | |
| symantec | client_security | 3.0.2.2000 | |
| symantec | client_security | 3.0.2.2001 | |
| symantec | client_security | 3.0.2.2002 | |
| symantec | client_security | 3.0.2.2010 | |
| symantec | client_security | 3.0.2.2011 | |
| symantec | client_security | 3.0.2.2020 | |
| symantec | client_security | 3.0.2.2021 | |
| symantec | endpoint_protection | * | |
| symantec | system_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
},
{
"lang": "es",
"value": "Desbordamiento m\u00faltiple de b\u00fafer basado en pila en IAO.EXE en el Intel Alert Originator Service en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anterior a v9.0 MR7, v10.0 y v10.1 anterior a v10.1 MR8, y v10.2 anterior a v10.2 MR2; Symantec Client Security (SCS) v2 anterior a v2.0 MR7 y v3 anterior a v3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a v11.0 MR3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) un paquete elaborado o (2) los datos que aparentemente se reciban a del proceso MsgSys.exe."
}
],
"id": "CVE-2009-1430",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-02-19 17:30
Modified
2025-04-11 00:51
Severity ?
Summary
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/62414 | ||
| cve@mitre.org | http://secunia.com/advisories/38653 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/38219 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1023621 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_00 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/0410 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/56354 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/62414 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38653 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/38219 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1023621 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_00 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0410 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/56354 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1.0.1 | |
| symantec | antivirus | 10.1.4 | |
| symantec | antivirus | 10.1.4.1 | |
| symantec | antivirus | 10.1.5 | |
| symantec | antivirus | 10.1.5.1 | |
| symantec | antivirus | 10.1.6 | |
| symantec | antivirus | 10.1.6.1 | |
| symantec | antivirus | 10.1.7 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0.0.359 | |
| symantec | client_security | 3.0.1.1000 | |
| symantec | client_security | 3.0.1.1007 | |
| symantec | client_security | 3.0.1.1008 | |
| symantec | client_security | 3.0.2 | |
| symantec | client_security | 3.0.2.2000 | |
| symantec | client_security | 3.0.2.2001 | |
| symantec | client_security | 3.0.2.2010 | |
| symantec | client_security | 3.0.2.2011 | |
| symantec | client_security | 3.0.2.2020 | |
| symantec | client_security | 3.0.2.2021 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1.0.396 | |
| symantec | client_security | 3.1.0.401 | |
| symantec | client_security | 3.1.394 | |
| symantec | client_security | 3.1.400 | |
| symantec | client_security | 3.1.401 | |
| symantec | endpoint_protection | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C311B10-D660-4F50-828D-6D2CDBE550BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
"matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via \"specific events\" that prevent the user from having read access to unspecified resources."
},
{
"lang": "es",
"value": "El escaneo bajo demanda en Symantec AntiVirus v10.0.x y v10.1.x anterior a MR9, AntiVirus v10.2.x, Client Security v3.0.x y v3.1.x anterior a MR9 y Endpoint Protection v11.x, cuando la protecci\u00f3n de manipulaci\u00f3n est\u00e1 desactivado, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (prevenci\u00f3n de escaneo bajo demanda) a trav\u00e9s de \"eventos concretos\" que impiden que el usuario tenga acceso de lectura a recursos no especificados."
}
],
"id": "CVE-2010-0106",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-02-19T17:30:00.660",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/62414"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38653"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/62414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023621"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0410"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56354"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-08 22:30
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/57429 | ||
| cve@mitre.org | http://secunia.com/advisories/36493 | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/34670 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_01 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/2449 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/52820 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/57429 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/36493 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34670 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/2449 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/52820 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 9.0 | |
| symantec | antivirus | 9.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | client_security | 2.0 | |
| symantec | client_security | 2.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1 | |
| symantec | norton_antivirus | 2005 | |
| symantec | norton_antivirus | 2006 | |
| symantec | norton_antivirus | 2007 | |
| symantec | norton_antivirus | 2008 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2007 | |
| symantec | norton_internet_security | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:9.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "655D99D5-1805-4A6F-A5C1-FB4A8B3A6520",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:9.0:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "BF932C81-A605-4A38-8642-A903692860BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:mr6:*:*:*:*:*:*",
"matchCriteriaId": "437DD896-93F5-49E1-AEE6-F7910F087FC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "6D4A3BB0-C293-47D5-AC66-4AFAEC45EFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "120CD307-806A-45A8-9DCF-D23FEE072432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
"matchCriteriaId": "7E5A8C92-95C4-4ECC-AEA4-37F830B890E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:mr7:*:*:*:*:*:*",
"matchCriteriaId": "589E62A1-067B-4220-9959-03367E5E014F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Symantec Norton AntiVirus 2005 hasta 2008; Norton Internet Security 2005 hasta 2008; AntiVirus Corporate Edition v9.0 anteriores a MR7, v10.0, v10.1 anteriores a MR8, y v10.2 anteriores a MR3; y Client Security v2.0 anteriores a MR7, v3.0, y v3.1 anteriores a MR8; cuando Internet Email Scanning est\u00e1 instalado y habilitado, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (consumo CPU y p\u00e9rdida de conexi\u00f3n persistente) a trav\u00e9s de vectores de ataque desconocidos."
}
],
"id": "CVE-2009-3104",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-09-08T22:30:00.530",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/57429"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36493"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34670"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2449"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/57429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090826_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52820"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-22 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/42593 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/43099 | ||
| cve@mitre.org | http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos | Exploit | |
| cve@mitre.org | http://www.securityfocus.com/archive/1/515191/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45936 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1024866 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/3206 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0234 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/64028 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/42593 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43099 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/515191/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45936 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1024866 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/3206 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0234 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/64028 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | intel_alert_management_system | * | |
| symantec | antivirus | 10.1.4.4010 | |
| microsoft | windows_2000 | - | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.1 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.2 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.4 | |
| symantec | endpoint_protection | 11.0.3001 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:intel_alert_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2E65A4-96C7-4C7E-9B25-346EAA5BDE71",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.4010:*:corporate:*:*:*:*:*",
"matchCriteriaId": "17C1DCC3-7D90-454E-BC4D-D615944A9A8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2000:-:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CA2CBE65-F4B6-49AF-983C-D3CF6C172CC5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:rtm:*:*:*:*:*:*",
"matchCriteriaId": "BE45A9A3-ACFD-49C4-9E11-8FC74814568C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request."
},
{
"lang": "es",
"value": "La funci\u00f3n GetStringAMSHandler en prgxhndl.dll en hndlrsvc.exe en Intel Alert Handler service (conocido como Symantec Intel Handler service) en Intel Alert Management System (AMS), como el usado en Symantec Antivirus Corporate Edition v10.1.4.4010 en Windows 2000 SP4 y Symantec Endpoint Protection anterior v11.x, no valida adecuadamente el campo CommandLine de una petici\u00f3n AMS, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda aplicaci\u00f3n) a trav\u00e9s de peticiones manipuladas. \r\n\r\n\r\n\r\n"
}
],
"id": "CVE-2010-3268",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-22T21:00:15.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42593"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/515191/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1024866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64028"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/43099 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1024996 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45936 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/65071 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43099 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024996 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45936 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/65071 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.1.2 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1.0.1 | |
| symantec | antivirus | 10.1.4 | |
| symantec | antivirus | 10.1.4.1 | |
| symantec | antivirus | 10.1.5 | |
| symantec | antivirus | 10.1.5.1 | |
| symantec | antivirus | 10.1.6 | |
| symantec | antivirus | 10.1.6.1 | |
| symantec | antivirus | 10.1.7 | |
| symantec | antivirus | 10.1.8 | |
| symantec | antivirus | 10.1.9 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | system_center | 10.0 | |
| symantec | system_center | 10.1 | |
| symantec | antivirus_central_quarantine_server | 3.5 | |
| symantec | antivirus_central_quarantine_server | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Intel Alert Management System(tambi\u00e9n conocido como AMS o AMS2), tal como se utiliza en Symantec Antivirus Corporate Edition (SAVCE) v10.x anterior a v10,1 MR10, Symantec System Center (SSC) v10.x, Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de mensajes manipulados a trav\u00e9s de TCP, como lo descubri\u00f3 Junaid Boh\u00edo, una vulnerabilidad diferente de CVE-2010-0110 y CVE-2010 0111. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
}
],
"id": "CVE-2011-0688",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-31T21:00:25.393",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to "two parsing errors."
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/54132 | ||
| cve@mitre.org | http://secunia.com/advisories/34936 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/34669 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022133 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022134 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1022135 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1203 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50170 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/54132 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34936 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34669 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022133 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022134 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022135 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1203 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50170 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | endpoint_protection | 11.0 | |
| symantec | norton_360 | 1.0 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2005_contains_nav_11.0.0 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2007 | |
| symantec | norton_internet_security | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1EF45-537A-4656-BDE8-FA9383A75676",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E02FE2FB-514A-48F9-8833-B1EF4CC1E27E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD10A73-3DEF-48BD-9B35-D2BF791560E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "03684DB6-9DC6-4EDD-902F-D1EC160330ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "64D38110-4B50-472E-9743-52A137F2ED93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C1004A37-D22B-4690-8625-B631595C8B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE7A5EDA-F1FF-4F66-BC78-DC6429D301CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A664090-5993-4DF2-AD6B-0F4867DB98B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "079D24C8-27D6-4794-8E56-58A7885DFE87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "732CB44D-7468-486A-85CA-FA1365DB0F8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E236C99A-D524-462A-BD8E-97A07B3BFC69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "37456791-164A-489B-A905-8B61C6F91BAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C39155B8-55BD-4B58-85DB-505876930A1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "287B278D-A114-4795-8934-64E3C4472481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:anti_spyware:*:*:*:*:*",
"matchCriteriaId": "803641B7-E099-4CE8-B805-DBB338479E23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:professional:*:*:*:*:*",
"matchCriteriaId": "E4BBE123-56E1-46E0-93BE-38F0932D9C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0:*:*:*:*:*:*",
"matchCriteriaId": "F39AE3D7-7018-47AB-B332-D40EA5273CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.0.9:*:*:*:*:*:*",
"matchCriteriaId": "82446BA3-92F9-4689-9D67-3CE159AA0F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:11.5.6.14:*:*:*:*:*:*",
"matchCriteriaId": "98F9F2E3-1775-4EF9-9FE0-0D011307C269",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7FE1A0A-4352-459A-892D-29AB14AA3B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:professional:*:*:*:*:*",
"matchCriteriaId": "1DE91FB9-35C3-4DC7-BE00-7C60EE9FD880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus (SAV) before 10.1 MR8, Symantec Endpoint Protection (SEP) 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject arbitrary web script or HTML via a crafted e-mail message, related to \"two parsing errors.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en ccLgView.exe en Symantec Log Viewer, utilizado en Symantec AntiVirus (SAV), anterior a v10.1 MR8, Symantec Endpoint Protection (SEP) v11.0 anteriores a v11.0 MR1, Norton 360 v1.0, y Norton Internet Security 2005 hasta 2008, permite a atacantes remotos inyectar HTML o scripts web arbitrarios a su elecci\u00f3n a trav\u00e9s de un mensaje de correo electr\u00f3nico elaborado ,relacionadas con \"dos errores de an\u00e1lisis sint\u00e1ctico.\""
}
],
"id": "CVE-2009-1428",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-29T15:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54132"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34936"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022134"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50170"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 | Third Party Advisory | |
| cve@mitre.org | http://secunia.com/advisories/34856 | Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/34675 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id?1022130 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id?1022131 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.securitytracker.com/id?1022132 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | Vendor Advisory | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2009/1204 | Third Party Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/34856 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/34675 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022130 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022131 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1022132 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2009/1204 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | - | |
| symantec | antivirus_central_quarantine_server | * | |
| symantec | client_security | * | |
| symantec | client_security | * | |
| symantec | endpoint_protection | * | |
| symantec | system_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF1F4E2F-B0F3-4FC1-8085-0A7B88586FBB",
"versionEndIncluding": "10.2",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E740F9D8-BC99-4016-9B2B-E868DE018549",
"versionEndIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF597A7-8F2D-4C9D-97C6-ACF8F57A771A",
"versionEndIncluding": "3.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
},
{
"lang": "es",
"value": "XFR.EXE en el servicio Intel File Transfer en la consola en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anteriores a 9.0 MR7, 10.0 y 10.1 anteriores a 10.1 MR8, y 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) 2 anteriores a 2.0 MR7 y 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anteriores a 11.0 MR3, permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario colocando el c\u00f3digo en un (1) compartido o (2) servidor WebDAV y luego enviando la ruta al compartido UNC de este servicio."
}
],
"evaluatorImpact": "Per vendor: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02\r\n\r\n\"Symantec System Center Impact\r\n\r\nSymantec System Center (SSS) is a Microsoft Management Console (MMC) plug-in which allows an administrator to manage all Symantec AntiVirus platforms from a single, centralized location. Alert Management System 2 (AMS2) is an alerting feature of System Center that listens for specific events and sends notifications as specified by the administrator.\r\n\r\nAMS2 is installed by default with Symantec System Center 9.0. AMS2 is an optional component in Symantec System Center 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus Server Impact\r\n\r\nAMS2 is installed by default with Symantec AntiVirus Server 9.0. AMS2 is an optional component in Symantec AntiVirus Server 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus and Symantec Endpoint Protection Central Quarantine Server Impact\r\n\r\nAMS2 is installed by default by Central Quarantine Server. These vulnerabilities will only impact systems if Quarantine Server has been installed.\r\n\r\nSymantec is not aware of any customers impacted by these issues, or of any attempts to exploit them. However, we recommend that any affected customers update their product immediately to protect against potential attempts to exploit these issues.\r\n\r\nCertain localized language versions of SCS 2.0/SAV 9.x were not patched due to compatibility issues on the localized platforms. As a result, customers who are running the following versions are strongly recommended to update to a non-vulnerable SCS 2.0/SAV 9 International English version or upgrade to a non-vulnerable version of SEP 11.x:\r\n\r\nSymantec Client Security 2.0/Symantec AntiVirus Corporate Edition 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Korean)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Japanese licensed)\"",
"id": "CVE-2009-1431",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-02 22:19
Modified
2025-04-09 00:30
Severity ?
Summary
SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://osvdb.org/34692 | ||
| cve@mitre.org | http://secunia.com/advisories/24677 | Vendor Advisory | |
| cve@mitre.org | http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html | ||
| cve@mitre.org | http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php | Vendor Advisory | |
| cve@mitre.org | http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php | ||
| cve@mitre.org | http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/464456/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/archive/1/479830/100/0/threaded | ||
| cve@mitre.org | http://www.securityfocus.com/bid/23241 | Exploit | |
| cve@mitre.org | http://www.securitytracker.com/id?1017837 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1017838 | Patch | |
| cve@mitre.org | http://www.securitytracker.com/id?1021386 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021387 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021388 | ||
| cve@mitre.org | http://www.securitytracker.com/id?1021389 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2007/1192 | Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/33352 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://osvdb.org/34692 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/24677 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/464456/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/archive/1/479830/100/0/threaded | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/23241 | Exploit | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017837 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1017838 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021386 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021387 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021388 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1021389 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2007/1192 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/33352 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | client_security | 3.0 | |
| symantec | client_security | 3.0.0.359 | |
| symantec | client_security | 3.0.1.1000 | |
| symantec | client_security | 3.0.1.1001 | |
| symantec | client_security | 3.0.1.1007 | |
| symantec | client_security | 3.0.1.1008 | |
| symantec | client_security | 3.0.1.1009 | |
| symantec | client_security | 3.0.2 | |
| symantec | client_security | 3.0.2.2000 | |
| symantec | client_security | 3.0.2.2001 | |
| symantec | client_security | 3.0.2.2002 | |
| symantec | client_security | 3.0.2.2010 | |
| symantec | client_security | 3.0.2.2011 | |
| symantec | client_security | 3.0.2.2020 | |
| symantec | client_security | 3.0.2.2021 | |
| symantec | client_security | 3.1 | |
| symantec | client_security | 3.1.0.396 | |
| symantec | client_security | 3.1.0.401 | |
| symantec | client_security | 3.1.394 | |
| symantec | client_security | 3.1.396 | |
| symantec | client_security | 3.1.400 | |
| symantec | client_security | 3.1.401 | |
| symantec | norton_360 | 1.0 | |
| symantec | norton_antispam | 2004 | |
| symantec | norton_antispam | 2005 | |
| symantec | norton_antivirus | 2004 | |
| symantec | norton_antivirus | 2005 | |
| symantec | norton_antivirus | 2006 | |
| symantec | norton_antivirus | 2007 | |
| symantec | norton_antivirus | 2008 | |
| symantec | norton_internet_security | 2004 | |
| symantec | norton_internet_security | 2005 | |
| symantec | norton_internet_security | 2006 | |
| symantec | norton_internet_security | 2007 | |
| symantec | norton_internet_security | 2008 | |
| symantec | norton_personal_firewall | 2004 | |
| symantec | norton_personal_firewall | 2005 | |
| symantec | norton_personal_firewall | 2006 | |
| symantec | norton_personal_firewall | 2006_9.1.0.33 | |
| symantec | norton_personal_firewall | 2006_9.1.1.7 | |
| symantec | norton_system_works | 2004 | |
| symantec | norton_system_works | 2005 | |
| symantec | norton_system_works | 2006 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*",
"matchCriteriaId": "D6090F86-0B42-403F-9996-9B7670EBAA5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "EA28BC22-ABF0-4F1E-BA83-85B398775450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antispam:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "44553774-85FF-4F2E-81CA-696A454EAA49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "DF5E129A-4FA8-4084-92BE-5A65FABD53DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "11477B6E-C4C5-4664-91A7-D253077981F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "2ACBDE0C-91D2-4357-9724-B60BBFF5D2B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "06C7CD61-A47B-4521-8C6F-4BB1F4C95614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "36C0FF0C-EB6E-479B-BFF9-E55CBC0D6500",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "CB5F3CB3-7EB3-416C-AD2F-6357DC7248CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C890A979-00E7-44E6-8CEA-8E4B2C966622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8C73F1-FEF1-40A3-BFAB-CE226B98E001",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC50007-59F4-45B0-BABF-BCF2CAB4A9B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "F589D9AA-FD1B-4929-93DC-801C36087E64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "29F670F0-FD5D-447C-94B8-691482D907F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "05EB078C-2538-4961-ABFF-6C4601C3977F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SPBBCDrv.sys in Symantec Norton Personal Firewall 2006 9.1.0.33 and 9.1.1.7 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateMutant and (2) NtOpenEvent functions. NOTE: it was later reported that Norton Internet Security 2008 15.0.0.60, and possibly other versions back to 2006, are also affected."
},
{
"lang": "es",
"value": "El archivo SPBBCDrv.sys en Symantec Norton Personal Firewall 2006 versiones 9.1.0.33 y 9.1.1.7 no comprueba ciertos argumentos antes de ser pasado hacia los controladores de la funci\u00f3n SSDT enlazada, lo que permite a los usuarios locales causar una denegaci\u00f3n de servicio (bloqueo) o posiblemente ejecutar c\u00f3digo arbitrario por medio de argumentos creados para las funciones (1) NtCreateMutant y (2) NtOpenEvent. NOTA: m\u00e1s tarde se inform\u00f3 que Norton Internet Security 2008 versi\u00f3n 15.0.0.60, y posiblemente otras versiones de 2006, tambi\u00e9n se ven afectados."
}
],
"id": "CVE-2007-1793",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-02T22:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34692"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24677"
},
{
"source": "cve@mitre.org",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityresponse.symantec.com/avcenter/security/Content/2008.12.12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.matousec.com/info/advisories/Norton-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464456/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/23241"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017837"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securitytracker.com/id?1017838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021387"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://secunia.com/advisories/43099 | Vendor Advisory | |
| cve@mitre.org | http://secunia.com/advisories/43106 | Vendor Advisory | |
| cve@mitre.org | http://securitytracker.com/id?1024997 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/45935 | ||
| cve@mitre.org | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| cve@mitre.org | http://www.zerodayinitiative.com/advisories/ZDI-11-029 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/64942 | ||
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/64943 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43099 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/43106 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1024997 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/45935 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2011/0234 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zerodayinitiative.com/advisories/ZDI-11-029 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/64942 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/64943 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0 | |
| symantec | antivirus | 10.0.1 | |
| symantec | antivirus | 10.0.1.1 | |
| symantec | antivirus | 10.0.1.2 | |
| symantec | antivirus | 10.0.2 | |
| symantec | antivirus | 10.0.2.1 | |
| symantec | antivirus | 10.0.2.2 | |
| symantec | antivirus | 10.0.3 | |
| symantec | antivirus | 10.0.4 | |
| symantec | antivirus | 10.0.5 | |
| symantec | antivirus | 10.0.6 | |
| symantec | antivirus | 10.0.7 | |
| symantec | antivirus | 10.0.8 | |
| symantec | antivirus | 10.0.9 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1 | |
| symantec | antivirus | 10.1.0.1 | |
| symantec | antivirus | 10.1.4 | |
| symantec | antivirus | 10.1.4.1 | |
| symantec | antivirus | 10.1.5 | |
| symantec | antivirus | 10.1.5.1 | |
| symantec | antivirus | 10.1.6 | |
| symantec | antivirus | 10.1.6.1 | |
| symantec | antivirus | 10.1.7 | |
| symantec | antivirus | 10.1.8 | |
| symantec | antivirus | 10.1.9 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | antivirus | 10.2 | |
| symantec | system_center | 10.0 | |
| symantec | system_center | 10.1 | |
| symantec | antivirus_central_quarantine_server | 3.5 | |
| symantec | antivirus_central_quarantine_server | 3.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
},
{
"lang": "es",
"value": "HDNLRSVC.EXE en el servicio Intel Alert Handler (tambi\u00e9n conocido como servicio Symantec Intel Handler) en Intel Alert Management System (tambi\u00e9n conocido como AMS o AMS2) como el utilizado en Symantec AntiVirus Corporate Edition (SAVCE) v10.x anterior a v10.1 MR10, Symantec System Center (SSC) v10.x, y Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar programas de su eleeci\u00f3n enviando msgsys.exe a una ruta de acceso compartido UNC que es usada directamente en la llamada CreateProcessA (tambi\u00e9n conocido como CreateProcess)."
}
],
"id": "CVE-2010-0111",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-01-31T21:00:03.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024997"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}