All the vulnerabilites related to symantec - antivirus_central_quarantine_server
cve-2011-0688
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/43099 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65071 | vdb-entry, x_refsource_XF | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1024996 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/45936 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2011/0234 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:26.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0688",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "symantec-tcp-command-execution(65071)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "1024996",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0688",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2011-01-31T00:00:00",
"dateUpdated": "2024-08-06T21:58:26.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0110
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-11-031 | x_refsource_MISC | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-028 | x_refsource_MISC | |
| http://secunia.com/advisories/43099 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-032 | x_refsource_MISC | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64940 | vdb-entry, x_refsource_XF | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-030 | x_refsource_MISC | |
| http://secunia.com/advisories/43106 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1024996 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/45936 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2011/0234 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:54.090Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-031",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-028",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-032",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"name": "symantec-intel-ams2-bo(64940)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-030",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"name": "43106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43106"
},
{
"name": "1024996",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024996"
},
{
"name": "45936",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0110",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:54.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1429
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/1204 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1022132 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022130 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50176 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34671 | vdb-entry, x_refsource_BID | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34856 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/54157 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1022131 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/8346 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.495Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "symantec-cba-command-execution(50176)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"name": "34671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34671"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "54157",
"refsource": "OSVDB",
"url": "http://osvdb.org/54157"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "8346",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1429",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1431
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/1204 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1022132 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1022130 | vdb-entry, x_refsource_SECTRACK | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/34856 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1022131 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/50179 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/34675 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "20090429 Symantec System Center Alert Management System Console Arbitrary Program Execution Design Error Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "symantec-xfr-code-execution(50179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"name": "34675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1431",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1430
Vulnerability from cvelistv5
Published
2009-04-29 15:00
Modified
2024-08-07 05:13
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-1204",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34672"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-1204",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"name": "1022132",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"name": "20090428 ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"name": "1022130",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"name": "34674",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"name": "symantec-msgsys-bo(50178)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"name": "34672",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"name": "symantec-iao-bo(50177)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"name": "34856",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34856"
},
{
"name": "1022131",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1430",
"datePublished": "2009-04-29T15:00:00",
"dateReserved": "2009-04-24T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0111
Vulnerability from cvelistv5
Published
2011-01-31 20:00
Modified
2024-08-07 00:37
Severity ?
EPSS score ?
Summary
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/43099 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.zerodayinitiative.com/advisories/ZDI-11-029 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64943 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/43106 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64942 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/45935 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2011/0234 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1024997 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43106"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024997"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "43099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43106"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024997"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0111",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "43099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43099"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-029",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"name": "symantec-intelams2-dos(64943)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"name": "43106",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43106"
},
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"name": "symantec-intelams2-code-execution(64942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"name": "45935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"name": "ADV-2011-0234",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"name": "1024997",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024997"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0111",
"datePublished": "2011-01-31T20:00:00",
"dateReserved": "2009-12-31T00:00:00",
"dateUpdated": "2024-08-07T00:37:53.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2024-11-21 01:11
Severity ?
Summary
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en Intel Alert Management System (tambi\u00e9n conocido como AMS o AMS2), como es usado en Symantec AntiVirus Corporate Edition (SAVCE) v10.x anterior a v10.1 MR10, Symantec System Center (SSC) v10.x,y Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de (1) una cadena larga para msgsys.exe, relacionada con la funci\u00f3n AMSSendAlertAct en AMSLIB.dll en el servicio Intel Alert Handler (tambi\u00e9n conocido como servicio Symantec Intel Handler); una larga (2)cadena modem o (3) n\u00famero PIN para msgsys.exe, relacionado con pagehndl.dll en el servicio Intel Alert Handler; o (4) un mensaje para msgsys.exe, relacionado con iao.exe en el servicio Intel Alert Originator ."
}
],
"id": "CVE-2010-0110",
"lastModified": "2024-11-21T01:11:33.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-31T21:00:01.610",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-031"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64940"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function."
},
{
"lang": "es",
"value": "El LANDesk Common Base Agent (CBA) de Intel en Alert Management System 2 (AMS2) de Symantec, tal y como es usado en System Center (SSS) de Symantec; AntiVirus Server de Symantec; AntiVirus Central Quarantine Server de Symantec; Symantec AntiVirus (SAV) Corporate Edition versiones 9 anteriores a 9.0 MR7, versiones 10.0 y 10.1 anteriores a 10.1 MR8, y versiones 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) versiones 2 anteriores a 2.0 MR7 y versiones 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a versi\u00f3n 11.0 MR3, permite a atacantes remotos ejecutar comandos arbitrarios por medio de un paquete dise\u00f1ado cuyo contenido se interpreta como un comando para ser iniciado en un nuevo proceso mediante la funci\u00f3n CreateProcessA."
}
],
"id": "CVE-2009-1429",
"lastModified": "2024-11-21T01:02:26.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/54157"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/8346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50176"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2024-11-21 01:11
Severity ?
Summary
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."
},
{
"lang": "es",
"value": "HDNLRSVC.EXE en el servicio Intel Alert Handler (tambi\u00e9n conocido como servicio Symantec Intel Handler) en Intel Alert Management System (tambi\u00e9n conocido como AMS o AMS2) como el utilizado en Symantec AntiVirus Corporate Edition (SAVCE) v10.x anterior a v10.1 MR10, Symantec System Center (SSC) v10.x, y Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar programas de su eleeci\u00f3n enviando msgsys.exe a una ruta de acceso compartido UNC que es usada directamente en la llamada CreateProcessA (tambi\u00e9n conocido como CreateProcess)."
}
],
"id": "CVE-2010-0111",
"lastModified": "2024-11-21T01:11:33.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-01-31T21:00:03.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024997"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45935"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-31 21:00
Modified
2024-11-21 01:24
Severity ?
Summary
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*",
"matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*",
"matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*",
"matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*",
"matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*",
"matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*",
"matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*",
"matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*",
"matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Intel Alert Management System(tambi\u00e9n conocido como AMS o AMS2), tal como se utiliza en Symantec Antivirus Corporate Edition (SAVCE) v10.x anterior a v10,1 MR10, Symantec System Center (SSC) v10.x, Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de mensajes manipulados a trav\u00e9s de TCP, como lo descubri\u00f3 Junaid Boh\u00edo, una vulnerabilidad diferente de CVE-2010-0110 y CVE-2010 0111. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
}
],
"id": "CVE-2011-0688",
"lastModified": "2024-11-21T01:24:37.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-31T21:00:25.393",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024996"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45936"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2011\u0026suid=20110126_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65071"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4CD3B130-38CD-4B85-B054-EE43C205E935",
"versionEndIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C754F33C-88E5-45A7-96D9-91C0D0397ED8",
"versionEndIncluding": "10.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*",
"matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*",
"matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*",
"matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*",
"matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*",
"matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*",
"matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*",
"matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*",
"matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*",
"matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC7EDE-5A85-4D8E-99B0-FF6690BCE35E",
"versionEndIncluding": "3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0DDD0E02-306D-4675-B73A-2C2F619CDDCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*",
"matchCriteriaId": "FDB1C90D-DBC0-4DA0-AF5D-E42C41E84B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process."
},
{
"lang": "es",
"value": "Desbordamiento m\u00faltiple de b\u00fafer basado en pila en IAO.EXE en el Intel Alert Originator Service en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anterior a v9.0 MR7, v10.0 y v10.1 anterior a v10.1 MR8, y v10.2 anterior a v10.2 MR2; Symantec Client Security (SCS) v2 anterior a v2.0 MR7 y v3 anterior a v3.1 MR8; y Symantec Endpoint Protection (SEP) anterior a v11.0 MR3, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de (1) un paquete elaborado o (2) los datos que aparentemente se reciban a del proceso MsgSys.exe."
}
],
"id": "CVE-2009-1430",
"lastModified": "2024-11-21T01:02:26.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503080/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34672"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-018/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50178"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-29 15:30
Modified
2024-11-21 01:02
Severity ?
Summary
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | antivirus | * | |
| symantec | antivirus | * | |
| symantec | antivirus | - | |
| symantec | antivirus_central_quarantine_server | * | |
| symantec | client_security | * | |
| symantec | client_security | * | |
| symantec | endpoint_protection | * | |
| symantec | system_center | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:-:corporate:*:*:*:*:*",
"matchCriteriaId": "658366BE-0214-4388-9C96-ABEB9E60C213",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:*:*:corporate:*:*:*:*:*",
"matchCriteriaId": "DF1F4E2F-B0F3-4FC1-8085-0A7B88586FBB",
"versionEndIncluding": "10.2",
"versionStartIncluding": "10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus:-:-:srv:*:*:*:*:*",
"matchCriteriaId": "91397AE1-03FB-4938-8E4F-6E0A29DD1D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8ABFB83-2B3D-4F73-A849-1910D8BCA622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E740F9D8-BC99-4016-9B2B-E868DE018549",
"versionEndIncluding": "2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DF597A7-8F2D-4C9D-97C6-ACF8F57A771A",
"versionEndIncluding": "3.1",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77B51F3-AB82-4C0A-8341-73CC9650F841",
"versionEndIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:system_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBAB5D5-E3B7-4D65-80E8-C0E5B40A95A8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service."
},
{
"lang": "es",
"value": "XFR.EXE en el servicio Intel File Transfer en la consola en Symantec Alert Management System 2 (AMS2), tal como se utiliza en Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 anteriores a 9.0 MR7, 10.0 y 10.1 anteriores a 10.1 MR8, y 10.2 anteriores a 10.2 MR2; Symantec Client Security (SCS) 2 anteriores a 2.0 MR7 y 3 anteriores a 3.1 MR8; y Symantec Endpoint Protection (SEP) anteriores a 11.0 MR3, permite a atacantes remotos la ejecuci\u00f3n de c\u00f3digo arbitrario colocando el c\u00f3digo en un (1) compartido o (2) servidor WebDAV y luego enviando la ruta al compartido UNC de este servicio."
}
],
"evaluatorImpact": "Per vendor: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02\r\n\r\n\"Symantec System Center Impact\r\n\r\nSymantec System Center (SSS) is a Microsoft Management Console (MMC) plug-in which allows an administrator to manage all Symantec AntiVirus platforms from a single, centralized location. Alert Management System 2 (AMS2) is an alerting feature of System Center that listens for specific events and sends notifications as specified by the administrator.\r\n\r\nAMS2 is installed by default with Symantec System Center 9.0. AMS2 is an optional component in Symantec System Center 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus Server Impact\r\n\r\nAMS2 is installed by default with Symantec AntiVirus Server 9.0. AMS2 is an optional component in Symantec AntiVirus Server 10.0 or 10.1. These vulnerabilities will only impact systems if AMS has been installed.\r\n\r\nSymantec AntiVirus and Symantec Endpoint Protection Central Quarantine Server Impact\r\n\r\nAMS2 is installed by default by Central Quarantine Server. These vulnerabilities will only impact systems if Quarantine Server has been installed.\r\n\r\nSymantec is not aware of any customers impacted by these issues, or of any attempts to exploit them. However, we recommend that any affected customers update their product immediately to protect against potential attempts to exploit these issues.\r\n\r\nCertain localized language versions of SCS 2.0/SAV 9.x were not patched due to compatibility issues on the localized platforms. As a result, customers who are running the following versions are strongly recommended to update to a non-vulnerable SCS 2.0/SAV 9 International English version or upgrade to a non-vulnerable version of SEP 11.x:\r\n\r\nSymantec Client Security 2.0/Symantec AntiVirus Corporate Edition 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Chinese Simplified and Chinese Traditional)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Korean)\r\nSymantec Client Security 2.0/Symantec AntiVirus Business Pack 9.x (Japanese licensed)\"",
"id": "CVE-2009-1431",
"lastModified": "2024-11-21T01:02:26.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-29T15:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/34856"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/34675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1022132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2009\u0026suid=20090428_02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50179"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}