CVE-2011-0688
Symantec Antivirus Corporate Edition 10.x < 10.1 MR10 - Remote Code Execution via Crafted TCP Messages
Title source: llmDescription
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
References (6)
Core 6
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43099
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/65071
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1024996
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/45936
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0234
Scores
EPSS
0.0204
EPSS Percentile
84.1%
Details
CWE
CWE-287
Status
published
Products (30)
symantec/antivirus
10.0 (3 CPE variants)
symantec/antivirus
10.0.1
symantec/antivirus
10.0.1.1
symantec/antivirus
10.0.1.2
symantec/antivirus
10.0.2
symantec/antivirus
10.0.2.1
symantec/antivirus
10.0.2.2
symantec/antivirus
10.0.3
symantec/antivirus
10.0.4
symantec/antivirus
10.0.5
... and 20 more
Published
Jan 31, 2011
Tracked Since
Feb 18, 2026