cvelistv5 - cve-2010-0107

cve-2010-0107

Vulnerability from cvelistv5

Published

2010-02-23 20:00

Modified

2024-08-07 00:37

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/62412
cve@mitre.org	http://secunia.com/advisories/38654	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/509717/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/38217
cve@mitre.org	http://www.securitytracker.com/id?1023628
cve@mitre.org	http://www.securitytracker.com/id?1023629
cve@mitre.org	http://www.securitytracker.com/id?1023630
cve@mitre.org	http://www.securitytracker.com/id?1023631
cve@mitre.org	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0411	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56357
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/62412
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38654	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/509717/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38217
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023628
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023629
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023630
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023631
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0411	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56357

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:37:53.893Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "62412",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/62412"
          },
          {
            "name": "20100224 VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
          },
          {
            "name": "1023630",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023630"
          },
          {
            "name": "38654",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38654"
          },
          {
            "name": "symantec-symltcom-activex-bo(56357)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
          },
          {
            "name": "ADV-2010-0411",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0411"
          },
          {
            "name": "1023631",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023631"
          },
          {
            "name": "38217",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38217"
          },
          {
            "name": "1023628",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023628"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
          },
          {
            "name": "1023629",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023629"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "62412",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/62412"
        },
        {
          "name": "20100224 VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
        },
        {
          "name": "1023630",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023630"
        },
        {
          "name": "38654",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38654"
        },
        {
          "name": "symantec-symltcom-activex-bo(56357)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
        },
        {
          "name": "ADV-2010-0411",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0411"
        },
        {
          "name": "1023631",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023631"
        },
        {
          "name": "38217",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38217"
        },
        {
          "name": "1023628",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023628"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
        },
        {
          "name": "1023629",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023629"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0107",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "62412",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/62412"
            },
            {
              "name": "20100224 VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
            },
            {
              "name": "1023630",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023630"
            },
            {
              "name": "38654",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38654"
            },
            {
              "name": "symantec-symltcom-activex-bo(56357)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
            },
            {
              "name": "ADV-2010-0411",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0411"
            },
            {
              "name": "1023631",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023631"
            },
            {
              "name": "38217",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38217"
            },
            {
              "name": "1023628",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023628"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01",
              "refsource": "CONFIRM",
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
            },
            {
              "name": "1023629",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1023629"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-0107",
    "datePublished": "2010-02-23T20:00:00",
    "dateReserved": "2009-12-31T00:00:00",
    "dateUpdated": "2024-08-07T00:37:53.893Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"844A6963-F60C-4D48-8445-9056C99201D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2852548A-39A6-44FB-A73E-96507BA0CD8C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB9641FC-FF7B-4413-8163-B795AA35C888\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17862D7F-7001-46B8-A415-2A15A247E9BD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"170AEE7B-31AF-44E2-9B63-9703D0DE721C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E651C9BE-201B-4DDC-A650-F9269531290C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"56EA0BAC-ED6D-45D2-995C-18B828906E1C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63B1A9FC-707C-4F6F-959B-30B28E43D202\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"87E4E013-A819-42E0-8F8E-9B2D409F900E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"097B87A8-8176-4426-BDE4-6FDDD272E1B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EBD7767-C352-435B-8963-83F723FFD302\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E2FC1708-B643-4489-A59C-EBDAFD9B0078\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE714705-CEE9-4BA1-8573-FD3765BC7F94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D24019B-20F0-4B4D-86A5-9409698E6216\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD25A172-D70C-44E0-9551-F390AF0AD8A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FB89648-5727-4F8F-83B7-3E11CE69EA3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E5A8C92-95C4-4ECC-AEA4-37F830B890E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"17110872-8BD5-4CB0-9F2A-B18D091A7EC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9D29AD07-6545-4180-8E32-C18586684845\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B3706E76-FC65-467E-8D09-A9EAC32E9BBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF555313-BB5A-4D8A-A3A1-609ABC39F6FE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC74372F-329A-4597-810B-88B865771C9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"00819E08-CC5C-48FC-9F80-95B68AB19C65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9405ECC3-F518-40F7-9541-904C6FACBC85\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44843812-35FC-4378-B239-EEC74A0C8A39\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C988B309-F397-412A-8570-C3823C7FE7E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FA990FD5-DF2F-470A-936D-155A36BEDE3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1CC64B1-772C-42A9-9B0A-08CA92DC87E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"692ECBCD-AB6B-4965-93F4-BDAD4777C018\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EF87752-C86D-4C89-9DE9-F874068C89EC\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \\\"masquerade as an authorized site.\\\"\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de b\\u00fafer en el control ActiveX (SYMLTCOM.dll) en Symantec N360 v1.0 y v2.0; Norton Internet Security, AntiVirus, SystemWorks, y Confidential 2006 through 2008; y Symantec Client Security v3.0.x anteriores a v3.1 MR9, y v3.1.x anteriores a MR9; permite a atacantes remotos producir una denegaci\\u00f3n de servicio (ca\\u00edda) y posiblemente ejecutar c\\u00f3digo arbitrario a trav\\u00e9s de vectores desconocidos. NOTA: Esto solo es una vulnerabilidad si el atacante puede actuar como si fuese un sitio autorizado.\"}]",
      "id": "CVE-2010-0107",
      "lastModified": "2024-11-21T01:11:32.740",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2010-02-23T20:30:00.467",
      "references": "[{\"url\": \"http://osvdb.org/62412\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/38654\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/509717/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/38217\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1023628\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1023629\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1023630\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1023631\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0411\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56357\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/62412\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/38654\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/509717/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/38217\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1023628\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1023629\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1023630\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1023631\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2010/0411\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/56357\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-0107\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-02-23T20:30:00.467\",\"lastModified\":\"2024-11-21T01:11:32.740\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \\\"masquerade as an authorized site.\\\"\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de b\u00fafer en el control ActiveX (SYMLTCOM.dll) en Symantec N360 v1.0 y v2.0; Norton Internet Security, AntiVirus, SystemWorks, y Confidential 2006 through 2008; y Symantec Client Security v3.0.x anteriores a v3.1 MR9, y v3.1.x anteriores a MR9; permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos. NOTA: Esto solo es una vulnerabilidad si el atacante puede actuar como si fuese un sitio autorizado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"844A6963-F60C-4D48-8445-9056C99201D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2852548A-39A6-44FB-A73E-96507BA0CD8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB9641FC-FF7B-4413-8163-B795AA35C888\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17862D7F-7001-46B8-A415-2A15A247E9BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"170AEE7B-31AF-44E2-9B63-9703D0DE721C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E651C9BE-201B-4DDC-A650-F9269531290C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56EA0BAC-ED6D-45D2-995C-18B828906E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63B1A9FC-707C-4F6F-959B-30B28E43D202\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87E4E013-A819-42E0-8F8E-9B2D409F900E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"097B87A8-8176-4426-BDE4-6FDDD272E1B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EBD7767-C352-435B-8963-83F723FFD302\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2FC1708-B643-4489-A59C-EBDAFD9B0078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE714705-CEE9-4BA1-8573-FD3765BC7F94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D24019B-20F0-4B4D-86A5-9409698E6216\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD25A172-D70C-44E0-9551-F390AF0AD8A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FB89648-5727-4F8F-83B7-3E11CE69EA3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E5A8C92-95C4-4ECC-AEA4-37F830B890E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17110872-8BD5-4CB0-9F2A-B18D091A7EC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D29AD07-6545-4180-8E32-C18586684845\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3706E76-FC65-467E-8D09-A9EAC32E9BBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF555313-BB5A-4D8A-A3A1-609ABC39F6FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC74372F-329A-4597-810B-88B865771C9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00819E08-CC5C-48FC-9F80-95B68AB19C65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9405ECC3-F518-40F7-9541-904C6FACBC85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44843812-35FC-4378-B239-EEC74A0C8A39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C988B309-F397-412A-8570-C3823C7FE7E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA990FD5-DF2F-470A-936D-155A36BEDE3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1CC64B1-772C-42A9-9B0A-08CA92DC87E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"692ECBCD-AB6B-4965-93F4-BDAD4777C018\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EF87752-C86D-4C89-9DE9-F874068C89EC\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/62412\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38654\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/509717/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/38217\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1023628\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1023629\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1023630\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1023631\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0411\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56357\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/62412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38654\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/509717/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/38217\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1023628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1023629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1023630\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1023631\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0411\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/56357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site.". Multiple Symantec products are prone to a stack-based buffer-overflow vulnerability because the applications utilize an ActiveX control that fails to adequately validate user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. Remote Attacker An attacker can pass an unidentified vector, causing a denial of service. ----------------------------------------------------------------------

Public Beta of CSI and WSUS Integration http://secunia.com/blog/74

TITLE: Symantec Products "SYMLTCOM.dll" ActiveX Control Buffer Overflow

SECUNIA ADVISORY ID: SA38654

VERIFY ADVISORY: http://secunia.com/advisories/38654/

DESCRIPTION: A vulnerability has been reported in some Symantec products, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an input validation error in the SYMLTCOM.dll ActiveX control, which can be exploited to cause e.g. a stack-based buffer overflow when a user visits a specially crafted web page.

Successful exploitation allows execution of arbitrary code, but is limited to a certain unspecified domain.

Symantec Client Security 3.0.x: Update to SCS 3.1 MR9.

Symantec Client Security 3.1.x: Update to MR9.

PROVIDED AND/OR DISCOVERED BY: The vendor credits FrSIRT.

ORIGINAL ADVISORY: Symantec SYM10-003: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability

http://www.vupen.com/english/research.php

I. DESCRIPTION

VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products.

II. CREDIT

The vulnerabilities were discovered by VUPEN Security

V. ABOUT VUPEN Security

VUPEN is a leading IT security research company providing vulnerability management services to allow enterprises and organizations to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.

VUPEN also provides research services for security vendors (antivirus, IDS, IPS,etc) to supplement their internal vulnerability research efforts and quickly develop vulnerability-based and exploit-based signatures, rules, and filters, and proactively protect their customers against potential threats.

VUPEN Vulnerability Notification Service:

http://www.vupen.com/english/services

VUPEN Exploits and In-Depth Vulnerability Analysis:

http://www.vupen.com/exploits

VI. REFERENCES

http://www.vupen.com/english/advisories/2010/0411 http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107

VII. DISCLOSURE TIMELINE

2008-04-07 - Vendor notified 2008-04-08 - Vendor response 2008-05-09 - Status update received 2008-06-10 - Status update received 2008-12-05 - Status update received 2010-02-18 - Patches available, public disclosure

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201002-0080",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1.400"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1.401"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "symantec",
        "version": "3.1.396"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "3.1.0.396"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "3.1.0.401"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1008"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1009"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2020"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2010"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1007"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.1.1001"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2011"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2021"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "2006"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "symantec",
        "version": "3.0.2.2002"
      },
      {
        "model": "norton 360",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "norton 360",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2007"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2007"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2008"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2008"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2006"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "3.0.2"
      },
      {
        "model": "client security",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "3.1 mr9"
      },
      {
        "model": "norton 360",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "1.0    2.0"
      },
      {
        "model": "norton antivirus",
        "scope": null,
        "trust": 0.8,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "norton internet security",
        "scope": null,
        "trust": 0.8,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.6.6000"
      },
      {
        "model": "norton systemworks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20060"
      },
      {
        "model": "norton internet security professional edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2006"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20080"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.5.5010"
      },
      {
        "model": "norton confidential",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20070"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.6.6010"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20060"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.7.7000"
      },
      {
        "model": "norton confidential",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20080"
      },
      {
        "model": "client security mr6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.1.1003"
      },
      {
        "model": "norton system works",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "2006"
      },
      {
        "model": "norton confidential",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20060"
      },
      {
        "model": "norton systemworks premier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20050"
      },
      {
        "model": "norton",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3602.0"
      },
      {
        "model": "client security mr4 mp1 build",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.4-4010"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.394"
      },
      {
        "model": "client security mr8",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.0.0.359"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.5.5000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.4.4000"
      },
      {
        "model": "client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1.5.5001"
      },
      {
        "model": "norton systemworks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20070"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20070"
      },
      {
        "model": "norton",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3601.0"
      },
      {
        "model": "client security mr7",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "client security mr9",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      },
      {
        "model": "norton antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20080"
      },
      {
        "model": "norton systemworks",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20080"
      },
      {
        "model": "norton internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20070"
      },
      {
        "model": "client security mr6 mp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3.1"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "38217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "FrSIRT",
    "sources": [
      {
        "db": "BID",
        "id": "38217"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-0107",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2010-0107",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-42712",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2010-0107",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201002-232",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-42712",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\". Multiple Symantec products are prone to a stack-based buffer-overflow vulnerability because the applications utilize an ActiveX control that fails to adequately validate user-supplied input. \nAn attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer).  Failed attacks will likely cause denial-of-service conditions. Remote Attacker An attacker can pass an unidentified vector, causing a denial of service. ----------------------------------------------------------------------\n\n\nPublic Beta of CSI and WSUS Integration\nhttp://secunia.com/blog/74\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSymantec Products \"SYMLTCOM.dll\" ActiveX Control Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA38654\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38654/\n\nDESCRIPTION:\nA vulnerability has been reported in some Symantec products, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an input validation error in the\nSYMLTCOM.dll ActiveX control, which can be exploited to cause e.g. a\nstack-based buffer overflow when a user visits a specially crafted\nweb page. \n\nSuccessful exploitation allows execution of arbitrary code, but is\nlimited to a certain unspecified domain. \n\nSymantec Client Security 3.0.x:\nUpdate to SCS 3.1 MR9. \n\nSymantec Client Security 3.1.x:\nUpdate to MR9. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits FrSIRT. \n\nORIGINAL ADVISORY:\nSymantec SYM10-003:\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow \nVulnerability\n\nhttp://www.vupen.com/english/research.php\n\n\nI. DESCRIPTION\n--------------------- \n\nVUPEN Vulnerability Research Team discovered a vulnerability in various\nSymantec security products. \n\n\nII. CREDIT\n-------------- \n\nThe vulnerabilities were discovered by VUPEN Security\n\n\nV. ABOUT VUPEN Security\n---------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement services to allow enterprises and organizations to eliminate\nvulnerabilities before they can be exploited, ensure security policy\ncompliance and meaningfully measure and manage risks. \n\nVUPEN also provides research services for security vendors (antivirus,\nIDS, IPS,etc) to supplement their internal vulnerability research efforts\nand quickly develop vulnerability-based and exploit-based signatures,\nrules, and filters, and proactively protect their customers against\npotential threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services\n\n* VUPEN Exploits and In-Depth Vulnerability Analysis:\n\nhttp://www.vupen.com/exploits\n\n\nVI. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0411\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107\n\n\nVII. DISCLOSURE TIMELINE\n----------------------------------- \n\n2008-04-07 - Vendor notified\n2008-04-08 - Vendor response\n2008-05-09 - Status update received\n2008-06-10 - Status update received\n2008-12-05 - Status update received\n2010-02-18 - Patches available, public disclosure\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "BID",
        "id": "38217"
      },
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "PACKETSTORM",
        "id": "86447"
      },
      {
        "db": "PACKETSTORM",
        "id": "86693"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-42712",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-0107",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "38217",
        "trust": 2.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2010-0411",
        "trust": 1.8
      },
      {
        "db": "SECUNIA",
        "id": "38654",
        "trust": 1.8
      },
      {
        "db": "SECTRACK",
        "id": "1023628",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1023631",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1023630",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1023629",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "62412",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "56357",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "86693",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-42712",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "86447",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "BID",
        "id": "38217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "PACKETSTORM",
        "id": "86447"
      },
      {
        "db": "PACKETSTORM",
        "id": "86693"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "id": "VAR-201002-0080",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:11:25.763000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SYM10-003",
        "trust": 0.8,
        "url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.vupen.com/english/advisories/2010/0411"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/38217"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/62412"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1023628"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1023629"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1023630"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id?1023631"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/38654"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
      },
      {
        "trust": 1.1,
        "url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
      },
      {
        "trust": 1.0,
        "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0107"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0107"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/56357"
      },
      {
        "trust": 0.3,
        "url": "https://www.f-secure.com"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/240797"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=2010\u0026amp;suid=20100217_01"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/38654/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/blog/74"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com/english/research.php"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0107"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com/exploits"
      },
      {
        "trust": 0.1,
        "url": "http://www.vupen.com/english/services"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "BID",
        "id": "38217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "PACKETSTORM",
        "id": "86447"
      },
      {
        "db": "PACKETSTORM",
        "id": "86693"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "db": "BID",
        "id": "38217"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "db": "PACKETSTORM",
        "id": "86447"
      },
      {
        "db": "PACKETSTORM",
        "id": "86693"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-02-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "date": "2010-02-17T00:00:00",
        "db": "BID",
        "id": "38217"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "date": "2010-02-18T17:45:10",
        "db": "PACKETSTORM",
        "id": "86447"
      },
      {
        "date": "2010-02-25T06:29:19",
        "db": "PACKETSTORM",
        "id": "86693"
      },
      {
        "date": "2010-02-23T20:30:00.467000",
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "date": "2010-02-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-42712"
      },
      {
        "date": "2010-02-17T00:00:00",
        "db": "BID",
        "id": "38217"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      },
      {
        "date": "2018-10-10T19:51:03.757000",
        "db": "NVD",
        "id": "CVE-2010-0107"
      },
      {
        "date": "2010-02-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "86693"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Symantec N360 Such as  SYMLTCOM.dll Vulnerable to buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005201"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201002-232"
      }
    ],
    "trust": 0.6
  }
}

gsd-2010-0107

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2010-0107

Aliases

CVE-2010-0107

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-0107",
    "description": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\"",
    "id": "GSD-2010-0107"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-0107"
      ],
      "details": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\"",
      "id": "GSD-2010-0107",
      "modified": "2023-12-13T01:21:28.435313Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-0107",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\""
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "62412",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/62412"
          },
          {
            "name": "20100224 VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow Vulnerability",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
          },
          {
            "name": "1023630",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023630"
          },
          {
            "name": "38654",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/38654"
          },
          {
            "name": "symantec-symltcom-activex-bo(56357)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
          },
          {
            "name": "ADV-2010-0411",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2010/0411"
          },
          {
            "name": "1023631",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023631"
          },
          {
            "name": "38217",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/38217"
          },
          {
            "name": "1023628",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023628"
          },
          {
            "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01",
            "refsource": "CONFIRM",
            "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
          },
          {
            "name": "1023629",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1023629"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-0107"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1023631",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023631"
            },
            {
              "name": "1023629",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023629"
            },
            {
              "name": "ADV-2010-0411",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/0411"
            },
            {
              "name": "1023628",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023628"
            },
            {
              "name": "1023630",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1023630"
            },
            {
              "name": "38654",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/38654"
            },
            {
              "name": "38217",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/38217"
            },
            {
              "name": "62412",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/62412"
            },
            {
              "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
            },
            {
              "name": "symantec-symltcom-activex-bo(56357)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
            },
            {
              "name": "20100224 VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-10T19:51Z",
      "publishedDate": "2010-02-23T20:30Z"
    }
  }
}

ghsa-r9jq-chpq-69vv

Vulnerability from github

Published

2022-05-02 06:10

Modified

2022-05-02 06:10

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-0107"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-02-23T20:30:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\"",
  "id": "GHSA-r9jq-chpq-69vv",
  "modified": "2022-05-02T06:10:13Z",
  "published": "2022-05-02T06:10:13Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0107"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/62412"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/38654"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/38217"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023628"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023629"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023630"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1023631"
    },
    {
      "type": "WEB",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2010/0411"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2010-0107

Vulnerability from fkie_nvd

Published

2010-02-23 20:30

Modified

2024-11-21 01:11

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/62412
cve@mitre.org	http://secunia.com/advisories/38654	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/509717/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/38217
cve@mitre.org	http://www.securitytracker.com/id?1023628
cve@mitre.org	http://www.securitytracker.com/id?1023629
cve@mitre.org	http://www.securitytracker.com/id?1023630
cve@mitre.org	http://www.securitytracker.com/id?1023631
cve@mitre.org	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
cve@mitre.org	http://www.vupen.com/english/advisories/2010/0411	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/56357
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/62412
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/38654	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/509717/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/38217
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023628
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023629
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023630
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1023631
af854a3a-2127-422b-91ae-364da2661108	http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2010/0411	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/56357

Impacted products

Vendor	Product	Version
symantec	client_security	3.0
symantec	client_security	3.0.1.1000
symantec	client_security	3.0.1.1001
symantec	client_security	3.0.1.1007
symantec	client_security	3.0.1.1008
symantec	client_security	3.0.1.1009
symantec	client_security	3.0.2
symantec	client_security	3.0.2.2000
symantec	client_security	3.0.2.2001
symantec	client_security	3.0.2.2002
symantec	client_security	3.0.2.2010
symantec	client_security	3.0.2.2011
symantec	client_security	3.0.2.2020
symantec	client_security	3.0.2.2021
symantec	client_security	3.1
symantec	client_security	3.1
symantec	client_security	3.1
symantec	client_security	3.1
symantec	client_security	3.1.0.396
symantec	client_security	3.1.0.401
symantec	client_security	3.1.396
symantec	client_security	3.1.400
symantec	client_security	3.1.401
symantec	norton_360	1.0
symantec	norton_360	2.0
symantec	norton_antivirus	2006
symantec	norton_antivirus	2007
symantec	norton_antivirus	2008
symantec	norton_internet_security	2006
symantec	norton_internet_security	2007
symantec	norton_internet_security	2008

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "844A6963-F60C-4D48-8445-9056C99201D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
              "matchCriteriaId": "2852548A-39A6-44FB-A73E-96507BA0CD8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB9641FC-FF7B-4413-8163-B795AA35C888",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
              "matchCriteriaId": "17862D7F-7001-46B8-A415-2A15A247E9BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
              "matchCriteriaId": "170AEE7B-31AF-44E2-9B63-9703D0DE721C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
              "matchCriteriaId": "E651C9BE-201B-4DDC-A650-F9269531290C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "56EA0BAC-ED6D-45D2-995C-18B828906E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
              "matchCriteriaId": "63B1A9FC-707C-4F6F-959B-30B28E43D202",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
              "matchCriteriaId": "87E4E013-A819-42E0-8F8E-9B2D409F900E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "097B87A8-8176-4426-BDE4-6FDDD272E1B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EBD7767-C352-435B-8963-83F723FFD302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2FC1708-B643-4489-A59C-EBDAFD9B0078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCE0C8A-A97C-4DE1-B0EE-3A2D16A34C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE714705-CEE9-4BA1-8573-FD3765BC7F94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D24019B-20F0-4B4D-86A5-9409698E6216",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
              "matchCriteriaId": "CD25A172-D70C-44E0-9551-F390AF0AD8A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
              "matchCriteriaId": "8FB89648-5727-4F8F-83B7-3E11CE69EA3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
              "matchCriteriaId": "7E5A8C92-95C4-4ECC-AEA4-37F830B890E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
              "matchCriteriaId": "17110872-8BD5-4CB0-9F2A-B18D091A7EC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D29AD07-6545-4180-8E32-C18586684845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3706E76-FC65-467E-8D09-A9EAC32E9BBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF555313-BB5A-4D8A-A3A1-609ABC39F6FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC74372F-329A-4597-810B-88B865771C9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "00819E08-CC5C-48FC-9F80-95B68AB19C65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9405ECC3-F518-40F7-9541-904C6FACBC85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "44843812-35FC-4378-B239-EEC74A0C8A39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "C988B309-F397-412A-8570-C3823C7FE7E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA990FD5-DF2F-470A-936D-155A36BEDE3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CC64B1-772C-42A9-9B0A-08CA92DC87E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
              "matchCriteriaId": "692ECBCD-AB6B-4965-93F4-BDAD4777C018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF87752-C86D-4C89-9DE9-F874068C89EC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.  NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\""
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el control ActiveX (SYMLTCOM.dll) en Symantec N360 v1.0 y v2.0; Norton Internet Security, AntiVirus, SystemWorks, y Confidential 2006 through 2008; y Symantec Client Security v3.0.x anteriores a v3.1 MR9, y v3.1.x anteriores a MR9; permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos. NOTA: Esto solo es una vulnerabilidad si el atacante puede actuar como si fuese un sitio autorizado."
    }
  ],
  "id": "CVE-2010-0107",
  "lastModified": "2024-11-21T01:11:32.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-23T20:30:00.467",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/62412"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38654"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/38217"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023628"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023629"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023630"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1023631"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0411"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/62412"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38654"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38217"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023628"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023630"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023631"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/0411"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2010-0107

Vulnerability from cvelistv5

var-201002-0080

Vulnerability from variot

I. DESCRIPTION

II. CREDIT

V. ABOUT VUPEN Security

VI. REFERENCES

VII. DISCLOSURE TIMELINE

gsd-2010-0107

Vulnerability from gsd

ghsa-r9jq-chpq-69vv

Vulnerability from github

cve-2010-0107

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature