Remote Code Execution Vulnerability in Intel Alert Management System by Symantec
CVE-2010-0111

Currently unrated

Key Information:

Vendor: Symantec
Status: Antivirus
Vendor: CVE Published:; 31 January 2011

Summary

The vulnerability exists in the Intel Alert Handler service, which allows remote attackers to execute arbitrary programs on affected systems. By sending a specially crafted UNC share pathname to msgsys.exe, an attacker can exploit the system’s CreateProcessA function, leading to unauthorized execution of programs. This impacts multiple Symantec products, including older versions of Symantec AntiVirus Corporate Edition and Symantec Quarantine Servers, making it crucial for users to ensure their systems are updated and protected.

References

http://secunia.com/advisories/43099

third-party-advisoryx_refsource_SECUNIA

http://www.zerodayinitiative.com/advisories/ZDI-11-029

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/64943

vdb-entryx_refsource_XF

EPSS Score

60% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 31, 2011
Vulnerability Reserved
Dec 31, 2009