Buffer overflow in Symantec Antivirus

CVE-2010-0110

Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5…

Vulnerability class: Buffer Overflow

EPSS: 0.333 (97.0th percentile) — read the EPSS interpretation.

Affected products

Symantec Antivirus — versions 10.0, 10.0.1, 10.0.1.1
Symantec Antivirus_central_quarantine_server — versions 3.5, 3.6
Symantec System_center — versions 10.0, 10.1
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
43099 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)
symantec-intel-ams2-bo(64940) (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_MISC)
43106 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
1024996 (vdb-entry, x_refsource_SECTRACK)
45936 (vdb-entry, x_refsource_BID)