Vulnerability Description
The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Antivirus | 10.0 |
| Symantec | Client Security | 3.0 |
| Symantec | Endpoint Protection | 11.0 |
References
- http://osvdb.org/62414
- http://secunia.com/advisories/38653Vendor Advisory
- http://www.securityfocus.com/bid/38219
- http://www.securitytracker.com/id?1023621
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
- http://www.vupen.com/english/advisories/2010/0410Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56354
- http://osvdb.org/62414
- http://secunia.com/advisories/38653Vendor Advisory
- http://www.securityfocus.com/bid/38219
- http://www.securitytracker.com/id?1023621
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
- http://www.vupen.com/english/advisories/2010/0410Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56354
FAQ
What is CVE-2010-0106?
CVE-2010-0106 is a vulnerability with a CVSS score of 1.9 (LOW). The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers...
How severe is CVE-2010-0106?
CVE-2010-0106 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0106?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Antivirus, Symantec Client Security, Symantec Endpoint Protection.