CVE-2010-0110
Symantec AntiVirus Corporate Edition 10.x < 10.1 MR10 - Remote Code Execution via Stack-Based Buffer Overflow
Title source: llmDescription
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
References (11)
Core 11
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-031
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-028
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43099
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-032
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64940
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-11-030
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43106
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1024996
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45936
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0234
Scores
EPSS
0.3335
EPSS Percentile
97.0%
Details
CWE
CWE-119
Status
published
Products (30)
symantec/antivirus
10.0 (3 CPE variants)
symantec/antivirus
10.0.1
symantec/antivirus
10.0.1.1
symantec/antivirus
10.0.1.2
symantec/antivirus
10.0.2
symantec/antivirus
10.0.2.1
symantec/antivirus
10.0.2.2
symantec/antivirus
10.0.3
symantec/antivirus
10.0.4
symantec/antivirus
10.0.5
... and 20 more
Published
Jan 31, 2011
Tracked Since
Feb 18, 2026