Vulnerability Name: CVE-2010-0110 (CCN-64940)
Assigned: 2009-12-31
Published: 2011-01-26
Updated: 2017-08-17
Summary: Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
CVSS v3 Severity: 9.6 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
  Exploitability Metrics:
    Attack Vector (AV): Adjacent
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Changed
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High
CVSS v2 Severity:
  7.9 High (CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C)
  5.8 Medium (Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
  Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au):
  Impact Metrics: Confidentiality (C): Integrity (I): Availability (A):
  7.9 High (CCN CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C)
  5.8 Medium (CCN Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
  Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au):
  Impact Metrics: Confidentiality (C): Integrity (I): Availability (A):
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:
  Source: MITRE Type: CNA CVE-2010-0110
  Source: CCN Type: SA43099 Symantec Products Intel Alert Management System Multiple Vulnerabilities
  Source: SECUNIA Type: Vendor Advisory 43099
  Source: CCN Type: SA43106 Symantec Quarantine Server Intel Alert Management System Multiple Vulnerabilities
  Source: SECUNIA Type: Vendor Advisory 43106
  Source: SECTRACK Type: UNKNOWN 1024996
  Source: BID Type: UNKNOWN 45936
  Source: CCN Type: BID-45936 Symantec Intel Alert Management System (CVE-2010-0110) Buffer Overflow Vulnerabilities
  Source: CCN Type: SYM11-002 Symantec Intel Alert Management System Multiple Code Execution Issues
  Source: CONFIRM Type: UNKNOWN http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
  Source: VUPEN Type: Vendor Advisory ADV-2011-0234
  Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-11-028
  Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-11-030
  Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-11-031
  Source: MISC Type: UNKNOWN http://www.zerodayinitiative.com/advisories/ZDI-11-032
  Source: XF Type: UNKNOWN symantec-intel-ams2-bo(64940)
  Source: CCN Type: ZDI-11-028 Symantec AMS Intel Alert Service AMSSendAlertAct Remote Code Execution Vulnerability
  Source: CCN Type: ZDI-11-030 Symantec AMS Intel Alert Handler Modem String Parsing Remote Code Execution Vulnerability
  Source: CCN Type: ZDI-11-031 Symantec AMS Intel Alert Handler Pin Number Parsing Remote Code Execution Vulnerability
Vulnerable Configuration:
Configuration 1:
  cpe:/a:symantec:antivirus:10.0:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.2:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*
Configuration 2:
  cpe:/a:symantec:system_center:10.0:*:*:*:*:*:*:* OR
  cpe:/a:symantec:system_center:10.1:*:*:*:*:*:*:*
Configuration 3:
  cpe:/a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:* OR
  cpe:/a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*
Configuration CCN 1:
  cpe:/a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1:*:corporate:*:*:*:*:* OR
  cpe:/a:symantec:antivirus:10.1.4.4010:*:corporate:*:*:*:*:*
Denotes that component is vulnerable

Vulnerability Name: CVE-2010-0110 (CCN-64941)
Assigned: 2009-12-31
Published: 2011-01-26
Updated: 2017-08-17
Summary: Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
CVSS v3 Severity: 9.6 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
  Exploitability Metrics:
    Attack Vector (AV): Adjacent
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
  Scope:
    Scope (S): Changed
  Impact Metrics:
    Confidentiality (C): High
    Integrity (I): High
    Availability (A): High
CVSS v2 Severity:
  7.9 High (CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C)
  5.8 Medium (Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
  Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au):
  Impact Metrics: Confidentiality (C): Integrity (I): Availability (A):
  7.9 High (CCN CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C)
  5.8 Medium (CCN Temporal CVSS v2 Vector: AV:A/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
  Exploitability Metrics: Access Vector (AV): Access Complexity (AC): Authentication (Au):
  Impact Metrics: Confidentiality (C): Integrity (I): Availability (A):
Vulnerability Type: CWE-119
Vulnerability Consequences: Gain Access
References:
  Source: MITRE Type: CNA CVE-2010-0110
  Source: CCN Type: SA43099 Symantec Products Intel Alert Management System Multiple Vulnerabilities
  Source: CCN Type: SA43106 Symantec Quarantine Server Intel Alert Management System Multiple Vulnerabilities
  Source: CCN Type: BID-45936 Symantec Intel Alert Management System (CVE-2010-0110) Buffer Overflow Vulnerabilities
  Source: CCN Type: SYM11-002 Symantec Intel Alert Management System Multiple Code Execution Issues
  Source: XF Type: UNKNOWN symantec-intelams2-command-exec(64941)
  Source: CCN Type: ZDI-11-028 Symantec AMS Intel Alert Service AMSSendAlertAct Remote Code Execution Vulnerability
  Source: CCN Type: ZDI-11-029 Symantec AMS Intel Alert Handler Service CreateProcess Remote Code Execution Vulnerability
  Source: CCN Type: ZDI-11-032 Symantec Intel Alert Originator Service iao.exe Remote Code Execution Vulnerability
symantec antivirus 10.0
symantec antivirus 10.0 mr1
symantec antivirus 10.0 mr2
symantec antivirus 10.0.1
symantec antivirus 10.0.1.1
symantec antivirus 10.0.1.2
symantec antivirus 10.0.2
symantec antivirus 10.0.2.1
symantec antivirus 10.0.2.2
symantec antivirus 10.0.3
symantec antivirus 10.0.4
symantec antivirus 10.0.5
symantec antivirus 10.0.6
symantec antivirus 10.0.7
symantec antivirus 10.0.8
symantec antivirus 10.0.9
symantec antivirus 10.1
symantec antivirus 10.1 mp1
symantec antivirus 10.1 mr4
symantec antivirus 10.1 mr5
symantec antivirus 10.1 mr6
symantec antivirus 10.1 mr7
symantec antivirus 10.1.0.1
symantec antivirus 10.1.4
symantec antivirus 10.1.4.1
symantec antivirus 10.1.5
symantec antivirus 10.1.5.1
symantec antivirus 10.1.6
symantec antivirus 10.1.6.1
symantec antivirus 10.1.7
symantec antivirus 10.1.8
symantec antivirus 10.1.9
symantec antivirus 10.2
symantec antivirus 10.2 mr2
symantec antivirus 10.2 mr3
symantec system center 10.0
symantec system center 10.1
symantec antivirus central quarantine server 3.5
symantec antivirus central quarantine server 3.6
symantec antivirus 10.1.4
symantec antivirus 10.1
symantec antivirus 10.1.4.4010