8.2 High
AI Score
Confidence
Low
7.9 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
0.954 High
EPSS
Percentile
99.3%
Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe, related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe, related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe, related to iao.exe in the Intel Alert Originator service.
secunia.com/advisories/43099
secunia.com/advisories/43106
securitytracker.com/id?1024996
www.securityfocus.com/bid/45936
www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00
www.vupen.com/english/advisories/2011/0234
www.zerodayinitiative.com/advisories/ZDI-11-028
www.zerodayinitiative.com/advisories/ZDI-11-030
www.zerodayinitiative.com/advisories/ZDI-11-031
www.zerodayinitiative.com/advisories/ZDI-11-032
exchange.xforce.ibmcloud.com/vulnerabilities/64940