CVE-2010-0107
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. NOTE: this is only a vulnerability if the attacker can "masquerade as an authorized site."
Desbordamiento de búfer en el control ActiveX (SYMLTCOM.dll) en Symantec N360 v1.0 y v2.0; Norton Internet Security, AntiVirus, SystemWorks, y Confidential 2006 through 2008; y Symantec Client Security v3.0.x anteriores a v3.1 MR9, y v3.1.x anteriores a MR9; permite a atacantes remotos producir una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores desconocidos. NOTA: Esto solo es una vulnerabilidad si el atacante puede actuar como si fuese un sitio autorizado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-12-31 CVE Reserved
- 2010-02-23 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-23 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/62412 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/509717/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/38217 | Vdb Entry | |
| http://www.securitytracker.com/id?1023628 | Vdb Entry | |
| http://www.securitytracker.com/id?1023629 | Vdb Entry | |
| http://www.securitytracker.com/id?1023630 | Vdb Entry | |
| http://www.securitytracker.com/id?1023631 | Vdb Entry | |
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/56357 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/38654 | 2018-10-10 | |
| http://www.vupen.com/english/advisories/2010/0411 | 2018-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0 Search vendor "Symantec" for product "Client Security" and version "3.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.1.1000 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1000" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.1.1001 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1001" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.1.1007 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.1.1008 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1008" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.1.1009 Search vendor "Symantec" for product "Client Security" and version "3.0.1.1009" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2 Search vendor "Symantec" for product "Client Security" and version "3.0.2" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2000 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2000" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2001 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2001" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2002 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2002" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2010 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2010" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2011 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2011" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2020 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2020" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.0.2.2021 Search vendor "Symantec" for product "Client Security" and version "3.0.2.2021" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1 Search vendor "Symantec" for product "Client Security" and version "3.1" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1 Search vendor "Symantec" for product "Client Security" and version "3.1" | mr4 |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1 Search vendor "Symantec" for product "Client Security" and version "3.1" | mr5 |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1 Search vendor "Symantec" for product "Client Security" and version "3.1" | mr6 |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.0.396 Search vendor "Symantec" for product "Client Security" and version "3.1.0.396" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.0.401 Search vendor "Symantec" for product "Client Security" and version "3.1.0.401" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.396 Search vendor "Symantec" for product "Client Security" and version "3.1.396" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.400 Search vendor "Symantec" for product "Client Security" and version "3.1.400" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Client Security Search vendor "Symantec" for product "Client Security" | 3.1.401 Search vendor "Symantec" for product "Client Security" and version "3.1.401" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton 360 Search vendor "Symantec" for product "Norton 360" | 1.0 Search vendor "Symantec" for product "Norton 360" and version "1.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton 360 Search vendor "Symantec" for product "Norton 360" | 2.0 Search vendor "Symantec" for product "Norton 360" and version "2.0" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2006 Search vendor "Symantec" for product "Norton Antivirus" and version "2006" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2007 Search vendor "Symantec" for product "Norton Antivirus" and version "2007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Antivirus Search vendor "Symantec" for product "Norton Antivirus" | 2008 Search vendor "Symantec" for product "Norton Antivirus" and version "2008" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2006 Search vendor "Symantec" for product "Norton Internet Security" and version "2006" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2007 Search vendor "Symantec" for product "Norton Internet Security" and version "2007" | - |
Affected
| ||||||
| Symantec Search vendor "Symantec" | Norton Internet Security Search vendor "Symantec" for product "Norton Internet Security" | 2008 Search vendor "Symantec" for product "Norton Internet Security" and version "2008" | - |
Affected
| ||||||