Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability

  Severity: CRITICAL
  CVE Identifier: CVE-2009-1431
  Advisory Date: JUL 21, 2015

  DESCRIPTION

XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1003524
  Trend Micro Deep Security DPI Rule Name: 1003524 - Multiple Symantec Products Alert Management System Console Arbitrary Code Execution Vulnerability

  AFFECTED SOFTWARE AND VERSION

  • symantec antivirus -
  • symantec antivirus 10.0
  • symantec antivirus 10.0.1
  • symantec antivirus 10.0.1.1
  • symantec antivirus 10.0.2
  • symantec antivirus 10.0.2.1
  • symantec antivirus 10.0.2.2
  • symantec antivirus 10.0.3
  • symantec antivirus 10.0.4
  • symantec antivirus 10.0.5
  • symantec antivirus 10.0.6
  • symantec antivirus 10.0.7
  • symantec antivirus 10.0.8
  • symantec antivirus 10.0.9
  • symantec antivirus_central_quarantine_server
  • symantec client_security 2.0
  • symantec client_security 3.0
  • symantec client_security 3.0.0.359
  • symantec client_security 3.0.1.1000
  • symantec client_security 3.0.1.1001
  • symantec client_security 3.0.1.1007
  • symantec client_security 3.0.1.1008
  • symantec client_security 3.0.1.1009
  • symantec client_security 3.0.2
  • symantec client_security 3.0.2.2000
  • symantec client_security 3.0.2.2001
  • symantec client_security 3.0.2.2002
  • symantec client_security 3.0.2.2010
  • symantec client_security 3.0.2.2011
  • symantec client_security 3.0.2.2020
  • symantec client_security 3.0.2.2021
  • symantec client_security 3.1
  • symantec endpoint_protection 11.0
  • symantec system_center