Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Antivirus central quarantine server'
2011-01-31
CVE-2011-0688
Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary commands via crafted messages over TCP, as discovered by Junaid Bohio, a different vulnerability than CVE-2010-0110 and CVE-2010-0111. NOTE: some of these details are obtained from third party information.
CVE-2010-0111
HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.
CVE-2010-0110
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
2009-04-30
CVE-2009-1432
CWE-20
Symantec Reporting Server, as used in Symantec AntiVirus (SAV) Corporate Edition 10.1 before 10.1 MR8 and 10.2 before 10.2 MR2, Symantec Client Security (SCS) before 3.1 MR8, and the Symantec Endpoint Protection Manager (SEPM) component in Symantec Endpoint Protection (SEP) before 11.0 MR2, allows remote attackers to inject arbitrary text into the login screen, and possibly conduct phishing attacks, via vectors involving a URL that is not properly handled.
2009-04-29
CVE-2009-1431
CWE-Other
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary code by placing the code on a (1) share or (2) WebDAV server, and then sending the UNC share pathname to this service.
CVE-2009-1430
CWE-119
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allow remote attackers to execute arbitrary code via (1) a crafted packet or (2) data that ostensibly arrives from the MsgSys.exe process.
CVE-2009-1429
The Intel LANDesk Common Base Agent (CBA) in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 before 9.0 MR7, 10.0 and 10.1 before 10.1 MR8, and 10.2 before 10.2 MR2; Symantec Client Security (SCS) 2 before 2.0 MR7 and 3 before 3.1 MR8; and Symantec Endpoint Protection (SEP) before 11.0 MR3, allows remote attackers to execute arbitrary commands via a crafted packet whose contents are interpreted as a command to be launched in a new process by the CreateProcessA function.
>>>
Vendor:
Symantec
241
Products
Mail-gear
Norton antivirus
Pcanywhere
Norton utilities
I-gear
Raptor firewall
Liveupdate
Norton ghost
Enterprise firewall
Velociraptor
Gateway security
Norton internet security
Norton personal firewall
Firewall vpn appliance 100
Firewall vpn appliance 200
Firewall vpn appliance 200r
JAVA
Sygate personal firewall
Security check
Norton system works
Windows liveupdate
VXFS
Clientless vpn gateway 4400
Gateway security 5400
Antivirus scan engine
Norton antispam
Gateway security 5300
Client firewall
Client security
Brightmail antispam
Nexland isb soho firewall appliance
Nexland pro100 firewall appliance
Nexland pro400 firewall appliance
Nexland pro800 firewall appliance
Nexland pro800turbo firewall appliance
Nexland wavebase firewall appliance
Gateway security 320
Gateway security 360
Gateway security 360r
On command ccm
On icommand
Security check virus detection
Powerquest deploycenter
Web security
Mail security
Sav filter domino nt ports
Sav filter for domino nt
Gateway security 460
Symav filter domino nt
Antivirus scan engine for network attached storage
Discovery
On command discovery
Gateway security 300
Gateway security 400
Gateway security 5000 series
Gateway security 5100
Gateway security 5310
Sygate management server
Ghost solutions suite
Security information manager
On-demand agent
On-demand protection
Enterprise security manager
Host ids
Veritas netbackup client
Veritas netbackup enterprise server
Veritas netbackup server
Naveng driver
Navex15 driver
Sygate network access control
Automated support assistant
Livestate agent for windows
Symantec antivirus filtering +for domino
Mail security 8820 appliance
Veritas volume replicator
Antivirus
Norton 360
Veritas storage foundation
Backupexec system recovery
Livestate recovery
Norton save and recovery
Reporting server
Veritas backup exec
Altiris deployment solution
Mail security appliance
Backup exec for windows server
Scan engine
Symantec antivirus clearswift
Symantec antivirus filtering domino mpe
Symantec antivirus messaging
Symantec antivirus microsoft sharepoint
Symantec antivirus ms isa
Symantec antivirus network attached storage
Symantec antivirus scan engine
Symantec antivirus scan engine caching
Symantec mail security exchange
Symantec antivirus scan engine clearswift
Symantec antivirus scan engine for microsoft sharepoint
Symantec antivirus scan engine for ms isa
Symantec antivirus scan engine messaging
See all Products for Vendor
Symantec
Copyright
2024
, cxsecurity.com
Back to Top
Vulnerabilities for 