Vulnerability Description
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Antivirus | 10.0 |
| Symantec | System Center | 10.0 |
| Symantec | Antivirus Central Quarantine Server | 3.5 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/43099Vendor Advisory
- http://secunia.com/advisories/43106Vendor Advisory
- http://securitytracker.com/id?1024997
- http://www.securityfocus.com/bid/45935
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
- http://www.vupen.com/english/advisories/2011/0234Vendor Advisory
- http://www.zerodayinitiative.com/advisories/ZDI-11-029
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64942
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64943
- http://secunia.com/advisories/43099Vendor Advisory
- http://secunia.com/advisories/43106Vendor Advisory
- http://securitytracker.com/id?1024997
- http://www.securityfocus.com/bid/45935
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=securit
- http://www.vupen.com/english/advisories/2011/0234Vendor Advisory
FAQ
What is CVE-2010-0111?
CVE-2010-0111 is a vulnerability with a CVSS score of 9.3 (HIGH). HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x be...
How severe is CVE-2010-0111?
CVE-2010-0111 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0111?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Antivirus, Symantec System Center, Symantec Antivirus Central Quarantine Server.