CVE-2010-0111

{"id": "CVE-2010-0111", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2011-01-31T21:00:03.190", "references": [{"url": "http://secunia.com/advisories/43099", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/43106", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1024997", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/45935", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_01", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2011/0234", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-029", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64942", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64943", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call."}, {"lang": "es", "value": "HDNLRSVC.EXE en el servicio Intel Alert Handler (tambi\u00e9n conocido como servicio Symantec Intel Handler) en Intel Alert Management System (tambi\u00e9n conocido como AMS o AMS2) como el utilizado en Symantec AntiVirus Corporate Edition (SAVCE) v10.x anterior a v10.1 MR10, Symantec System Center (SSC) v10.x, y Symantec Quarantine Server v3.5 y v3.6, permite a atacantes remotos ejecutar programas de su eleeci\u00f3n enviando msgsys.exe a una ruta de acceso compartido UNC que es usada directamente en la llamada CreateProcessA (tambi\u00e9n conocido como CreateProcess)."}], "lastModified": "2017-08-17T01:31:52.587", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:antivirus:10.0:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB639EF-B434-42ED-A162-A2593FA78E3E"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr1:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0048A5E9-B07B-44BE-B79C-A37DBE96592A"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0:mr2:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "436B467D-0C3C-44FF-A900-431197CA9033"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BA427D2-2F74-4314-B68A-164E2B6B0240"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "549049F7-2698-4F68-A1D0-1E4546B9EB23"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.1.2:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFAA2B2E-0902-4F86-8076-34ED2ECBF02E"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E86D9CE-8A86-498B-B3A3-8988274A91E5"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BBF13A92-83EF-44EE-AD87-BA0CF8FF266D"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.2.2:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D92B456D-A69E-4B10-8F74-D3DFC242F641"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.3:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "643AF180-138C-472A-8BC5-B8B028E77CDD"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.4:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D56068D-CEF2-46B7-9914-36AB961839C9"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.5:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8ADDF27-67FF-41D7-BF2E-87AE06FDECD7"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.6:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "002290DD-589E-404F-BFC0-A1239D0E92E3"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.7:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2854BCF-2D37-4BE9-A590-7E25DF443EFF"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.8:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4BDB19A7-8DFA-43AD-9C44-16BBCF4531B7"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.0.9:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED683B68-530A-436F-A49B-32890EDFAC93"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09C311A9-7F82-46C1-8A69-49C2890B1CFC"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mp1:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9ADCB5F2-CCE8-4123-8E7E-EAF4885FD482"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr4:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6110CF45-3C3D-4560-A8F3-A5C47CD5265F"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr5:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1F6FC33-2929-45A3-9AD1-057456EC366E"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr6:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "084FCB30-F79A-45D0-B310-F3DB20EE3D2E"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1:mr7:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B24D11E4-5927-4C3D-BBEB-21DC2990122F"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.0.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "519B2E1C-FF02-4A40-804F-BCCB2B6CB57F"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DF07665-8AC8-405F-AF51-216C7A6F0ACB"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.4.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CF7C8DB-1045-4226-9576-063A8A95518F"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCC51E7C-9D45-4B95-95B1-2105F6812620"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.5.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A243CF7B-193D-481D-8518-5F711064D9B6"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E7F8ED8F-E857-4290-844A-8F1ADE383C4F"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.6.1:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCFA7D6F-103F-49DD-93AD-9C19AAE44BFE"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.7:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1C41837-80A2-48A4-A093-EC6478120216"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.8:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9459B9EC-73C2-4A4F-A6C8-91AF68FDF850"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.1.9:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9A34C41-CCFE-4F3D-B2A2-FF63339BFC56"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.2:*:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94E10F15-5F41-4B6B-9C42-7ED34E8420C5"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr2:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F35EA2A-B446-446F-8FDE-1C09D9A73687"}, {"criteria": "cpe:2.3:a:symantec:antivirus:10.2:mr3:corporate:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "782569C8-2244-4B8C-9D8E-0C37456278F1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:system_center:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "853171A9-1DD8-4C49-9564-956FB030DEC6"}, {"criteria": "cpe:2.3:a:symantec:system_center:10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EED74697-A20C-47F0-9CF6-605981B2675F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2B4436C-B67A-4904-80B3-1BE419E56699"}, {"criteria": "cpe:2.3:a:symantec:antivirus_central_quarantine_server:3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22949831-311A-4A92-B358-0F43971DBAAE"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}