Improper input validation in Intel Intel_alert_management_system
CVE-2010-3268
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.087 (92.7th percentile) — read the EPSS interpretation.
Affected products
- Intel Intel_alert_management_system
- Microsoft Windows_2000
- Symantec Antivirus — versions 10.1.4.4010
- Symantec Endpoint_protection — versions 11.0, 11.0.4, 11.0.3001
- N/a — versions n/a
Weakness classification (CWE)
References
- 20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service (mailing-list, x_refsource_BUGTRAQ)
- 43099 (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- ADV-2010-3206 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- cve@mitre.org (Exploit, x_refsource_MISC)
- 42593 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
- 1024866 (vdb-entry, x_refsource_SECTRACK)
- symantec-antivirus-handler-service-dos(64028) (vdb-entry, x_refsource_XF)
- 45936 (vdb-entry, x_refsource_BID)
- ADV-2011-0234 (vdb-entry, x_refsource_VUPEN)