CVE-2010-0110:This CVE (CVE-2010-0110) refers to multiple stack-based buffer overflows in the Intel Alert Management System (AMS or AMS2), as used in certain versions of Symantec AntiVirus Corporate Edition, Symantec System Center, and Symantec Quarantine Server. These vulnerabilities could allow remote attackers to execute arbitrary code.

splash
Back

Description Preview

The vulnerabilities in the Intel Alert Management System (AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, are due to multiple stack-based buffer overflows. These overflows can be exploited by remote attackers to execute arbitrary code via a long string to msgsys.exe, a long modem string or PIN number to msgsys.exe, or a message to msgsys.exe. These are related to various functions and services within the Intel Alert Handler service and the Intel Alert Originator service.

Overview

The vulnerabilities are due to improper handling of certain inputs by the affected software. An attacker could exploit these vulnerabilities by sending a crafted request to the affected software. An exploit could allow the attacker to execute arbitrary code and gain control of the system.

Remediation

Users of the affected software are advised to update to the latest versions which have the vulnerabilities fixed. Symantec has released updates to address these vulnerabilities. Users should contact Symantec or their vendor for appropriate patches or updates.

References

  1. http://www.zerodayinitiative.com/advisories/ZDI-11-031
  2. http://www.zerodayinitiative.com/advisories/ZDI-11-028
  3. http://secunia.com/advisories/43099
  4. http://www.zerodayinitiative.com/advisories/ZDI-11-032
  5. http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
  6. https://exchange.xforce.ibmcloud.com/vulnerabilities/64940
  7. http://www.zerodayinitiative.com/advisories/ZDI-11-030
  8. http://secunia.com/advisories/43106
  9. http://securitytracker.com/id?1024996
  10. http://www.securityfocus.com/bid/45936
  11. http://www.vupen.com/english/advisories/2011/0234

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Accommodation & Food Services
    Accommodation & Food Services
  2. Administrative, Support, Waste Management & Remediation Services
    Administrative, Support, Waste Management & Remediation Services
  3. Agriculture, Forestry Fishing & Hunting
    Agriculture, Forestry Fishing & Hunting
  4. Arts, Entertainment & Recreation
    Arts, Entertainment & Recreation
  5. Construction
    Construction
  6. Educational Services
    Educational Services
  7. Finance and Insurance
    Finance and Insurance
  8. Health Care & Social Assistance
    Health Care & Social Assistance
  9. Information
    Information
  10. Management of Companies & Enterprises
    Management of Companies & Enterprises
  11. Manufacturing
    Manufacturing
  12. Mining
    Mining
  13. Other Services (except Public Administration)
    Other Services (except Public Administration)
  14. Professional, Scientific, & Technical Services
    Professional, Scientific, & Technical Services
  15. Public Administration
    Public Administration
  16. Real Estate Rental & Leasing
    Real Estate Rental & Leasing
  17. Retail Trade
    Retail Trade
  18. Transportation & Warehousing
    Transportation & Warehousing
  19. Utilities
    Utilities
  20. Wholesale Trade
    Wholesale Trade

Focus on What Matters

  1. See Everything.
  2. Identify True Risk.
  3. Proactively Mitigate Threats.

Let's talk!

background