危険度: 緊急
  CVE識別番号: CVE-2010-0111
  情報公開日: 7 21, 2015

  概要

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004599
  Trend Micro Deep Security DPI Rule Name: 1004599 - Symantec Intel Alert Management System Message Handling Multiple Code Execution Vulnerabilities

  影響を受けるソフトウェア

  • symantec antivirus 10.0
  • symantec antivirus 10.0.1
  • symantec antivirus 10.0.1.1
  • symantec antivirus 10.0.1.2
  • symantec antivirus 10.0.2
  • symantec antivirus 10.0.2.1
  • symantec antivirus 10.0.2.2
  • symantec antivirus 10.0.3
  • symantec antivirus 10.0.4
  • symantec antivirus 10.0.5
  • symantec antivirus 10.0.6
  • symantec antivirus 10.0.7
  • symantec antivirus 10.0.8
  • symantec antivirus 10.0.9
  • symantec antivirus 10.1
  • symantec antivirus 10.1.0.1
  • symantec antivirus 10.1.4
  • symantec antivirus 10.1.4.1
  • symantec antivirus 10.1.5
  • symantec antivirus 10.1.5.1
  • symantec antivirus 10.1.6
  • symantec antivirus 10.1.6.1
  • symantec antivirus 10.1.7
  • symantec antivirus 10.1.8
  • symantec antivirus 10.1.9
  • symantec antivirus 10.2
  • symantec antivirus_central_quarantine_server 3.5
  • symantec antivirus_central_quarantine_server 3.6
  • symantec system_center 10.0
  • symantec system_center 10.1