CVE-2010-0111: Input Validation

First published: Mon Jan 31 2011(Updated: )

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Symantec AntiVirus	=10.1.6.1
Symantec AntiVirus	=10.0.7
Symantec AntiVirus	=10.2-mr3
Symantec AntiVirus	=10.2
Symantec AntiVirus	=10.1-mr6
Symantec AntiVirus	=10.2-mr2
Symantec AntiVirus	=10.1.6
Symantec AntiVirus	=10.0.6
Symantec AntiVirus	=10.0-mr2
Symantec AntiVirus	=10.1-mr4
Symantec AntiVirus	=10.1.5
Symantec AntiVirus	=10.1
Symantec AntiVirus	=10.1.4.1
Symantec AntiVirus	=10.0.2
Symantec AntiVirus	=10.1-mr7
Symantec AntiVirus	=10.0.1
Symantec AntiVirus	=10.0.9
Symantec AntiVirus	=10.1.7
Symantec AntiVirus	=10.1.8
Symantec AntiVirus	=10.0
Symantec AntiVirus	=10.0.5
Symantec AntiVirus	=10.0.4
Symantec AntiVirus	=10.1.0.1
Symantec AntiVirus	=10.0.8
Symantec AntiVirus	=10.1.9
Symantec AntiVirus	=10.0.1.2
Symantec AntiVirus	=10.0.2.2
Symantec AntiVirus	=10.0-mr1
Symantec AntiVirus	=10.0.3
Symantec AntiVirus	=10.1-mp1
Symantec AntiVirus	=10.1.5.1
Symantec AntiVirus	=10.1.4
Symantec AntiVirus	=10.0.1.1
Symantec AntiVirus	=10.0.2.1
Symantec AntiVirus	=10.1-mr5
Symantec System Center	=10.0
Symantec System Center	=10.1
Symantec AntiVirus Central Quarantine Server	=3.6
Symantec AntiVirus Central Quarantine Server	=3.5

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/author
agent/severity
agent/weakness
agent/references
agent/description
agent/type
agent/event
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/symantec
canonical/symantec antivirus
version/symantec antivirus/10.1.6.1
version/symantec antivirus/10.0.7
version/symantec antivirus/10.2-mr3
version/symantec antivirus/10.2
version/symantec antivirus/10.1-mr6
version/symantec antivirus/10.2-mr2
version/symantec antivirus/10.1.6
version/symantec antivirus/10.0.6
version/symantec antivirus/10.0-mr2
version/symantec antivirus/10.1-mr4
version/symantec antivirus/10.1.5
version/symantec antivirus/10.1
version/symantec antivirus/10.1.4.1
version/symantec antivirus/10.0.2
version/symantec antivirus/10.1-mr7
version/symantec antivirus/10.0.1
version/symantec antivirus/10.0.9
version/symantec antivirus/10.1.7
version/symantec antivirus/10.1.8
version/symantec antivirus/10.0
version/symantec antivirus/10.0.5
version/symantec antivirus/10.0.4
version/symantec antivirus/10.1.0.1
version/symantec antivirus/10.0.8
version/symantec antivirus/10.1.9
version/symantec antivirus/10.0.1.2
version/symantec antivirus/10.0.2.2
version/symantec antivirus/10.0-mr1
version/symantec antivirus/10.0.3
version/symantec antivirus/10.1-mp1
version/symantec antivirus/10.1.5.1
version/symantec antivirus/10.1.4
version/symantec antivirus/10.0.1.1
version/symantec antivirus/10.0.2.1
version/symantec antivirus/10.1-mr5
canonical/symantec system center
version/symantec system center/10.0
version/symantec system center/10.1
canonical/symantec antivirus central quarantine server
version/symantec antivirus central quarantine server/3.6
version/symantec antivirus central quarantine server/3.5

CVE-2010-0111: Input Validation

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact