Severity: : Critical
  CVE Kennungen: : CVE-2010-0111
  Advisory Date: 21 de lipca de 2015

  DESCRIPTION

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.

  INFORMATION EXPOSURE

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1004599
  Trend Micro Deep Security DPI Rule Name: 1004599 - Symantec Intel Alert Management System Message Handling Multiple Code Execution Vulnerabilities

  AFFECTED SOFTWARE AND VERSION:

  • symantec antivirus 10.0
  • symantec antivirus 10.0.1
  • symantec antivirus 10.0.1.1
  • symantec antivirus 10.0.1.2
  • symantec antivirus 10.0.2
  • symantec antivirus 10.0.2.1
  • symantec antivirus 10.0.2.2
  • symantec antivirus 10.0.3
  • symantec antivirus 10.0.4
  • symantec antivirus 10.0.5
  • symantec antivirus 10.0.6
  • symantec antivirus 10.0.7
  • symantec antivirus 10.0.8
  • symantec antivirus 10.0.9
  • symantec antivirus 10.1
  • symantec antivirus 10.1.0.1
  • symantec antivirus 10.1.4
  • symantec antivirus 10.1.4.1
  • symantec antivirus 10.1.5
  • symantec antivirus 10.1.5.1
  • symantec antivirus 10.1.6
  • symantec antivirus 10.1.6.1
  • symantec antivirus 10.1.7
  • symantec antivirus 10.1.8
  • symantec antivirus 10.1.9
  • symantec antivirus 10.2
  • symantec antivirus_central_quarantine_server 3.5
  • symantec antivirus_central_quarantine_server 3.6
  • symantec system_center 10.0
  • symantec system_center 10.1