What is CVE-2010-0111?

CVE-2010-0111 is a vulnerability in Symantec Antivirus, classified under Improper Input Validation. Published 2011-01-31.

Is CVE-2010-0111 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Improper input validation in Symantec Antivirus

CVE-2010-0111

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.606 (98.3th percentile) — read the EPSS interpretation.

Affected products

Symantec Antivirus — versions 10.0, 10.0.1, 10.0.1.1
Symantec Antivirus_central_quarantine_server — versions 3.5, 3.6
Symantec System_center — versions 10.0, 10.1
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

Public proof-of-concept exploits

rapid7/metasploit-framework

References

43099 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)
symantec-intelams2-dos(64943) (vdb-entry, x_refsource_XF)
43106 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM)
symantec-intelams2-code-execution(64942) (vdb-entry, x_refsource_XF)
45935 (vdb-entry, x_refsource_BID)
ADV-2011-0234 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
1024997 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2010-0111?: CVE-2010-0111 is a vulnerability in Symantec Antivirus, classified under Improper Input Validation. Published 2011-01-31.
Is CVE-2010-0111 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.