[SingCERT] Symantec Intel Alert Management System Multiple Vulnerabilities

Main Menu

Mailing List

[SingCERT] Symantec Intel Alert Management System Multiple Vulnerabilities

Last Updated on Thursday, 27 January 2011 10:46

Attention: open in a new window.

[ Summary ]

Symantec Intel Alert Management System is prone to a remote vulnerability due to improper message handling (CVE-2010-0111) and also a Buffer Overflow Vulnerability (CVE-2010-0110)

[ Affected Systems ]

Symantec AntiVirus Corporate Edition Server Version 10.x
Symantec Systems Center 10.x
Quarantine Server 3.6
Quarantine Server 3.5

[ Impact Analysis ]

Attackers can exploit this issue to launch an arbitrary program, send an email, or shutdown the service, effectively denying service to legitimate users.

[ Solution/Workaround ]

Vendor updates are available. Please see the references for more information.

[ Reference]

CVE-2010-0111
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00

CVE-2010-0110

http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01

< Prev		Next >

Search, View and Navigation

Main Menu

Mailing List

Archive

[SingCERT] Symantec Intel Alert Management System Multiple Vulnerabilities

Additional Information

Symantec Security Alerts