Vulnerability Name:

CVE-2010-0106 (CCN-56354)

Assigned:2009-12-31
Published:2010-02-17
Updated:2018-10-30
Summary:The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.
CVSS v3 Severity:6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P)
1.4 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P)
4.3 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2010-0106

Source: OSVDB
Type: UNKNOWN
62414

Source: CCN
Type: SA38653
Symantec Products Scanning Bypass Weakness

Source: SECUNIA
Type: Vendor Advisory
38653

Source: CCN
Type: SECTRACK ID: 1023621
Symantec AntiVirus Event Management Flaw Lets Remote Users Bypass On-Demand Scanning

Source: CCN
Type: OSVDB ID: 62414
Symantec Multiple Products On-demand Scanning Unspecified Bypass

Source: BID
Type: UNKNOWN
38219

Source: CCN
Type: BID-38219
Symantec AntiVirus Scan Evasion Vulnerability

Source: SECTRACK
Type: UNKNOWN
1023621

Source: CCN
Type: SYM10-002
Symantec Event Manipulation Potential Scan Bypass

Source: CONFIRM
Type: UNKNOWN
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_00

Source: VUPEN
Type: Vendor Advisory
ADV-2010-0410

Source: XF
Type: UNKNOWN
symantec-ondemand-dos(56354)

Source: XF
Type: UNKNOWN
symantec-ondemand-dos(56354)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:antivirus:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0:mr1:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0:mr2:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:mr4:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:mr5:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:mr7:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.0.396:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.0.401:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:client_security:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:client_security:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.1:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.0:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:antivirus:10.2::corporate:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec antivirus 10.0
    symantec antivirus 10.0.1
    symantec antivirus 10.0.1.1
    symantec antivirus 10.0.2
    symantec antivirus 10.0.2.1
    symantec antivirus 10.0.2.2
    symantec antivirus 10.0.3
    symantec antivirus 10.0.4
    symantec antivirus 10.0.5
    symantec antivirus 10.0.6
    symantec antivirus 10.0.7
    symantec antivirus 10.0.8
    symantec antivirus 10.0.9
    symantec antivirus 10.1
    symantec antivirus 10.1
    symantec antivirus 10.1 mp1
    symantec antivirus 10.1 mr4
    symantec antivirus 10.1 mr5
    symantec antivirus 10.1 mr7
    symantec antivirus 10.1.0.1
    symantec antivirus 10.1.4
    symantec antivirus 10.1.4.1
    symantec antivirus 10.1.5
    symantec antivirus 10.1.5.1
    symantec antivirus 10.1.6
    symantec antivirus 10.1.6.1
    symantec antivirus 10.1.7
    symantec antivirus 10.2
    symantec antivirus 10.2 mr2
    symantec antivirus 10.2 mr3
    symantec client security 3.0
    symantec client security 3.0 mr1
    symantec client security 3.0 mr2
    symantec client security 3.0.0.359
    symantec client security 3.0.1.1000
    symantec client security 3.0.1.1007
    symantec client security 3.0.1.1008
    symantec client security 3.0.2
    symantec client security 3.0.2.2000
    symantec client security 3.0.2.2001
    symantec client security 3.0.2.2010
    symantec client security 3.0.2.2011
    symantec client security 3.0.2.2020
    symantec client security 3.0.2.2021
    symantec client security 3.1
    symantec client security 3.1 mr4
    symantec client security 3.1 mr5
    symantec client security 3.1 mr7
    symantec client security 3.1.0.396
    symantec client security 3.1.0.401
    symantec client security 3.1.394
    symantec client security 3.1.400
    symantec client security 3.1.401
    symantec endpoint protection 11.0
    symantec client security 3.0
    symantec client security 3.1
    symantec antivirus 10.1
    symantec antivirus 10.0
    symantec endpoint protection 11.0.6200.754
    symantec antivirus 10.2