var-201002-0080
Vulnerability from variot
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site.". Multiple Symantec products are prone to a stack-based buffer-overflow vulnerability because the applications utilize an ActiveX control that fails to adequately validate user-supplied input. An attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. Remote Attacker An attacker can pass an unidentified vector, causing a denial of service. ----------------------------------------------------------------------
Public Beta of CSI and WSUS Integration http://secunia.com/blog/74
TITLE: Symantec Products "SYMLTCOM.dll" ActiveX Control Buffer Overflow
SECUNIA ADVISORY ID: SA38654
VERIFY ADVISORY: http://secunia.com/advisories/38654/
DESCRIPTION: A vulnerability has been reported in some Symantec products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an input validation error in the SYMLTCOM.dll ActiveX control, which can be exploited to cause e.g. a stack-based buffer overflow when a user visits a specially crafted web page.
Successful exploitation allows execution of arbitrary code, but is limited to a certain unspecified domain.
Symantec Client Security 3.0.x: Update to SCS 3.1 MR9.
Symantec Client Security 3.1.x: Update to MR9.
PROVIDED AND/OR DISCOVERED BY: The vendor credits FrSIRT.
ORIGINAL ADVISORY: Symantec SYM10-003: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability
http://www.vupen.com/english/research.php
I. DESCRIPTION
VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products.
II. CREDIT
The vulnerabilities were discovered by VUPEN Security
V. ABOUT VUPEN Security
VUPEN is a leading IT security research company providing vulnerability management services to allow enterprises and organizations to eliminate vulnerabilities before they can be exploited, ensure security policy compliance and meaningfully measure and manage risks.
VUPEN also provides research services for security vendors (antivirus, IDS, IPS,etc) to supplement their internal vulnerability research efforts and quickly develop vulnerability-based and exploit-based signatures, rules, and filters, and proactively protect their customers against potential threats.
- VUPEN Vulnerability Notification Service:
http://www.vupen.com/english/services
- VUPEN Exploits and In-Depth Vulnerability Analysis:
http://www.vupen.com/exploits
VI. REFERENCES
http://www.vupen.com/english/advisories/2010/0411 http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107
VII. DISCLOSURE TIMELINE
2008-04-07 - Vendor notified 2008-04-08 - Vendor response 2008-05-09 - Status update received 2008-06-10 - Status update received 2008-12-05 - Status update received 2010-02-18 - Patches available, public disclosure
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201002-0080",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.400"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.401"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.0"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.9,
"vendor": "symantec",
"version": "3.1.396"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "3.1.0.396"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.6,
"vendor": "symantec",
"version": "3.1.0.401"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.1.1008"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2000"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.1.1009"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.1.1000"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2020"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2010"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2001"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.1.1007"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.1.1001"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2011"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2021"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "2006"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.3,
"vendor": "symantec",
"version": "3.0.2.2002"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "1.0"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2007"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2007"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2008"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2008"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "2006"
},
{
"model": "client security",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "3.0.2"
},
{
"model": "client security",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "3.1 mr9"
},
{
"model": "norton 360",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "1.0 2.0"
},
{
"model": "norton antivirus",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "norton internet security",
"scope": null,
"trust": 0.8,
"vendor": "symantec",
"version": null
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.6.6000"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20060"
},
{
"model": "norton internet security professional edition",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2006"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20080"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.5.5010"
},
{
"model": "norton confidential",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20070"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.6.6010"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20060"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.7.7000"
},
{
"model": "norton confidential",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20080"
},
{
"model": "client security mr6",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.1.1003"
},
{
"model": "norton system works",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "2006"
},
{
"model": "norton confidential",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20060"
},
{
"model": "norton systemworks premier",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20050"
},
{
"model": "norton",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3602.0"
},
{
"model": "client security mr4 mp1 build",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.4-4010"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.394"
},
{
"model": "client security mr8",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.0.0.359"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.5.5000"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.4.4000"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1.5.5001"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20070"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20070"
},
{
"model": "norton",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3601.0"
},
{
"model": "client security mr7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "client security mr9",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20080"
},
{
"model": "norton systemworks",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20080"
},
{
"model": "norton internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20070"
},
{
"model": "client security mr6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "3.1"
}
],
"sources": [
{
"db": "BID",
"id": "38217"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_antivirus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_internet_security:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1:mr4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:norton_360:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0107"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "FrSIRT",
"sources": [
{
"db": "BID",
"id": "38217"
}
],
"trust": 0.3
},
"cve": "CVE-2010-0107",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2010-0107",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-42712",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2010-0107",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201002-232",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-42712",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can \"masquerade as an authorized site.\". Multiple Symantec products are prone to a stack-based buffer-overflow vulnerability because the applications utilize an ActiveX control that fails to adequately validate user-supplied input. \nAn attacker can exploit this issue to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed attacks will likely cause denial-of-service conditions. Remote Attacker An attacker can pass an unidentified vector, causing a denial of service. ----------------------------------------------------------------------\n\n\nPublic Beta of CSI and WSUS Integration\nhttp://secunia.com/blog/74\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSymantec Products \"SYMLTCOM.dll\" ActiveX Control Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA38654\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/38654/\n\nDESCRIPTION:\nA vulnerability has been reported in some Symantec products, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an input validation error in the\nSYMLTCOM.dll ActiveX control, which can be exploited to cause e.g. a\nstack-based buffer overflow when a user visits a specially crafted\nweb page. \n\nSuccessful exploitation allows execution of arbitrary code, but is\nlimited to a certain unspecified domain. \n\nSymantec Client Security 3.0.x:\nUpdate to SCS 3.1 MR9. \n\nSymantec Client Security 3.1.x:\nUpdate to MR9. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits FrSIRT. \n\nORIGINAL ADVISORY:\nSymantec SYM10-003:\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. VUPEN Security Research - Symantec Products \"SYMLTCOM.dll\" Buffer Overflow \nVulnerability\n\nhttp://www.vupen.com/english/research.php\n\n\nI. DESCRIPTION\n--------------------- \n\nVUPEN Vulnerability Research Team discovered a vulnerability in various\nSymantec security products. \n\n\nII. CREDIT\n-------------- \n\nThe vulnerabilities were discovered by VUPEN Security\n\n\nV. ABOUT VUPEN Security\n---------------------------------\n\nVUPEN is a leading IT security research company providing vulnerability\nmanagement services to allow enterprises and organizations to eliminate\nvulnerabilities before they can be exploited, ensure security policy\ncompliance and meaningfully measure and manage risks. \n\nVUPEN also provides research services for security vendors (antivirus,\nIDS, IPS,etc) to supplement their internal vulnerability research efforts\nand quickly develop vulnerability-based and exploit-based signatures,\nrules, and filters, and proactively protect their customers against\npotential threats. \n\n* VUPEN Vulnerability Notification Service:\n\nhttp://www.vupen.com/english/services\n\n* VUPEN Exploits and In-Depth Vulnerability Analysis:\n\nhttp://www.vupen.com/exploits\n\n\nVI. REFERENCES\n----------------------\n\nhttp://www.vupen.com/english/advisories/2010/0411\nhttp://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107\n\n\nVII. DISCLOSURE TIMELINE\n----------------------------------- \n\n2008-04-07 - Vendor notified\n2008-04-08 - Vendor response\n2008-05-09 - Status update received\n2008-06-10 - Status update received\n2008-12-05 - Status update received\n2010-02-18 - Patches available, public disclosure\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "BID",
"id": "38217"
},
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "PACKETSTORM",
"id": "86447"
},
{
"db": "PACKETSTORM",
"id": "86693"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-42712",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2010-0107",
"trust": 2.9
},
{
"db": "BID",
"id": "38217",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2010-0411",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "38654",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1023628",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023631",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023630",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023629",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "62412",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232",
"trust": 0.7
},
{
"db": "XF",
"id": "56357",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "86693",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-42712",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86447",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "BID",
"id": "38217"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "PACKETSTORM",
"id": "86447"
},
{
"db": "PACKETSTORM",
"id": "86693"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"id": "VAR-201002-0080",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:11:25.763000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYM10-003",
"trust": 0.8,
"url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.vupen.com/english/advisories/2010/0411"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/38217"
},
{
"trust": 1.7,
"url": "http://osvdb.org/62412"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1023628"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1023629"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1023630"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1023631"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/38654"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/509717/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56357"
},
{
"trust": 1.1,
"url": "http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
},
{
"trust": 1.0,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100217_01"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0107"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0107"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/56357"
},
{
"trust": 0.3,
"url": "https://www.f-secure.com"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026amp;pvid=security_advisory\u0026amp;year=2010\u0026amp;suid=20100217_01"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/38654/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/blog/74"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/research.php"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0107"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/exploits"
},
{
"trust": 0.1,
"url": "http://www.vupen.com/english/services"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "BID",
"id": "38217"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "PACKETSTORM",
"id": "86447"
},
{
"db": "PACKETSTORM",
"id": "86693"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-42712"
},
{
"db": "BID",
"id": "38217"
},
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"db": "PACKETSTORM",
"id": "86447"
},
{
"db": "PACKETSTORM",
"id": "86693"
},
{
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2010-02-23T00:00:00",
"db": "VULHUB",
"id": "VHN-42712"
},
{
"date": "2010-02-17T00:00:00",
"db": "BID",
"id": "38217"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"date": "2010-02-18T17:45:10",
"db": "PACKETSTORM",
"id": "86447"
},
{
"date": "2010-02-25T06:29:19",
"db": "PACKETSTORM",
"id": "86693"
},
{
"date": "2010-02-23T20:30:00.467000",
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"date": "2010-02-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-42712"
},
{
"date": "2010-02-17T00:00:00",
"db": "BID",
"id": "38217"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2010-005201"
},
{
"date": "2018-10-10T19:51:03.757000",
"db": "NVD",
"id": "CVE-2010-0107"
},
{
"date": "2010-02-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "86693"
},
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Symantec N360 Such as SYMLTCOM.dll Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2010-005201"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201002-232"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.