CVE-2010-0111 – Symantec Intel Alert Originator Service iao.exe Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0111
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of multiple Symantec products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Intel Alert Originator (iao.exe) service. While processing messages sent from the msgsys.exe process, a size check can be bypassed and a subsequent stack-based buffer overflow can be triggered.

• http://secunia.com/advisories/43099
• http://secunia.com/advisories/43106
• http://securitytracker.com/id?1024997
• http://www.securityfocus.com/bid/45935
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01
• http://www.vupen.com/english/advisories/2011/0234
• http://www.zerodayinitiative.com/advisories/ZDI-11-029
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64942
• https://exchange.xforce.ibmcloud.com/vulnerabilities/649
• CWE-20: Improper Input Validation

CVE-2010-0115 – Symantec Web Gateway Management Interface USERNAME Blind SQL Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0115
SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 before 4.5.0.376 allows remote attackers to execute arbitrary SQL commands via the USERNAME parameter.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the management interface, which listens by default on TCP port 443. While parsing requests sent to the login.php page, the process does not properly sanitize the USERNAME POST parameter.

• http://osvdb.org/70415
• http://secunia.com/advisories/42878
• http://www.securityfocus.com/bid/45742
• http://www.securitytracker.com/id?1024958
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00
• http://www.vupen.com/english/advisories/2011/0088
• http://www.zerodayinitiative.com/advisories/ZDI-11-013
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64658
• CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2010-0114 – Symantec Endpoint Protection Manager Reporting Server fw_charts.php Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0114
fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Protection (SEP) 11.x before 11 RU6 MP2 allows remote attackers to bypass intended restrictions on report generation, overwrite arbitrary PHP scripts, and execute arbitrary code via a crafted request.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within the portion of the server that generates reports. Due to the combination of insufficient checks being performed on the application and failure to authenticate a user for generating a chart, an attacker can overwrite arbitrary files on a server. Careful exploitation can lead to code execution under the context of the PHP interpreter.

• http://secunia.com/advisories/42643
• http://securitytracker.com/id?1024900
• http://www.securityfocus.com/bid/45372
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101215_00
• http://www.vupen.com/english/advisories/2010/3252
• http://www.zerodayinitiative.com/advisories/ZDI-10-291
• https://exchange.xforce.ibmcloud.com/vulnerabilities/64118
• CWE-20: Improper Input Validation

CVE-2010-3268
https://notcve.org/view.php?id=CVE-2010-3268
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.

• http://secunia.com/advisories/42593
• http://secunia.com/advisories/43099
• http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos
• http://www.securityfocus.com/archive/1/515191/100/0/threaded
• http://www.securityfocus.com/bid/45936
• http://www.securitytracker.com/id?1024866
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
• http://www.vupen.com/english/advisories/2010/3206
• http://www.vu
• CWE-20: Improper Input Validation

CVE-2010-0113
https://notcve.org/view.php?id=CVE-2010-0113
The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly including wipe/lock credentials, in the device logs, which allows user-assisted remote attackers to obtain potentially sensitive information by leveraging the ability of a separate crafted application to read these logs.

• http://osvdb.org/69253
• http://www.securityfocus.com/bid/44767
• http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20101111_00
• http://www.vupen.com/english/advisories/2010/2982
• https://exchange.xforce.ibmcloud.com/vulnerabilities/63294
• CWE-255: Credentials Management Errors