CVSS: 6.2EPSS: 6%CPEs: 20EXPL: 1CVE-2010-3268
https://notcve.org/view.php?id=CVE-2010-3268
22 Dec 2010 — The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request. La función GetStringAMSHandler en prgxh... • http://secunia.com/advisories/42593 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 2%CPEs: 13EXPL: 0CVE-2010-0114 – Symantec Endpoint Protection Manager Reporting Server fw_charts.php Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0114
15 Dec 2010 — fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request. fw_charts.php en el módulo de reporte en el componente Manager (también conocido como SEPM) en Symantec Endpoint Protection (SEP) 11.x, en versiones anteriores a la 11 RU6 MP2, permite a atacantes remotos eludir las ... • http://secunia.com/advisories/42643 • CWE-20: Improper Input Validation •