Vulnerability CVE-2010-3268


Published: 2010-12-22   Modified: 2012-02-13

Description:
The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Symantec Intel Handler Service Remote Denial-of-Service
Core
25.12.2010

Type:

CWE-20

(Improper Input Validation)

Vendor: Symantec
Product: Endpoint protection 
Version:
11.0.4
11.0.3001
11.0.2
11.0.1
11.0
Product: Antivirus 
Version: 10.1.4.4010;
Vendor: Intel
Product: Intel alert management system 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos
http://www.securityfocus.com/archive/1/515191/100/0/threaded
http://www.securityfocus.com/bid/45936
http://www.securitytracker.com/id?1024866
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
http://www.vupen.com/english/advisories/2010/3206
http://www.vupen.com/english/advisories/2011/0234
https://exchange.xforce.ibmcloud.com/vulnerabilities/64028

Related CVE
CVE-2019-11114
Insufficient input validation in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable denial of service via local access.
CVE-2019-11095
Insufficient access control in Intel(R) Driver & Support Assistant version 19.3.12.3 and before may allow a privileged user to potentially enable information disclosure via local access.
CVE-2019-11094
Insufficient input validation in system firmware for Intel (R) NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access.
CVE-2019-11093
Unquoted service path in the installer for the Intel(R) SCS Discovery Utility version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-0172
A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access.
CVE-2019-0170
Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2019-0153
Buffer overflow in subsystem in Intel(R) CSME before version 12.0.35 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
CVE-2019-0138
Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.129 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access.

Copyright 2019, cxsecurity.com

 

Back to Top