Symantec Intel Alert Management System Multiple Vulnerabilities Network Vulnerability

Summary

This host is installed with Symantec AntiVirus Corporate Edition and is prone to multiple vulnerabilities.

Impact

Successful exploitation will allow attackers to cause a denial of service or compromise a vulnerable system. Impact Level: Application

Solution

Upgrade to Symantec Antivirus Corporate Edition 10.1 MR10 or later, For updates refer to http://www.symantec.com/index.jsp

Insight

Multiple flaws are caused by buffer overflow and input validation errors in the Intel Alert Management System (AMS2) when processing user-supplied packets, which could allow attackers or malicious users to trigger arbitrary events (launching a program, sending an email), shutdown the service, or execute arbitray code.

Affected

Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10

References

http://secunia.com/advisories/43099
http://securitytracker.com/id?1024996
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
http://www.vupen.com/english/advisories/2011/0234

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0110, CVE-2010-0111, CVE-2011-0688

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Windows)
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Windows)
Adobe Acrobat and Reader 'printSeps()' Function Heap Corruption Vulnerability
Adobe Acrobat Multiple Vulnerabilities - 01 May14 (Mac OS X)

Take action and discover your vulnerabilities