CVE-2010-0111
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
31/01/2011
Last modified:
11/04/2025
Description
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
Impact
Base Score 2.0
9.30
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:* | ||
| cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/43099
- http://secunia.com/advisories/43106
- http://securitytracker.com/id?1024997=
- http://www.securityfocus.com/bid/45935
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01
- http://www.vupen.com/english/advisories/2011/0234
- http://www.zerodayinitiative.com/advisories/ZDI-11-029
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64942
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64943
- http://secunia.com/advisories/43099
- http://secunia.com/advisories/43106
- http://securitytracker.com/id?1024997=
- http://www.securityfocus.com/bid/45935
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01
- http://www.vupen.com/english/advisories/2011/0234
- http://www.zerodayinitiative.com/advisories/ZDI-11-029
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64942
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64943