Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-11-032
HistoryJan 27, 2011 - 12:00 a.m.

Symantec Intel Alert Originator Service iao.exe Remote Code Execution Vulnerability

2011-01-2700:00:00
Anonymous
www.zerodayinitiative.com
20

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.326 Low

EPSS

Percentile

97.0%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of multiple Symantec products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Intel Alert Originator (iao.exe) service. While processing messages sent from the msgsys.exe process a size check can be bypassed and a subsequent stack-based buffer overflow can be triggered. This can be leveraged by remote attackers to execute arbitrary code under the context of the Alert service.

Related

checkpoint_advisories 1
cve 2
prion 2
symantec 1
securityvulns 2
zdi 3
openvas 2
nessus 1
checkpoint_advisories
checkpoint_advisories
Symantec Antivirus Intel Alert Handler Service Denial of Service (CVE-2010-0111)
2011-02-20 00:00:00
cve
cve
CVE-2010-0111
2011-01-31 21:00:00
CVE-2011-0688
2011-01-31 21:00:00
prion
prion
Code injection
2011-01-31 21:00:00
Information disclosure
2011-01-31 21:00:00
symantec
symantec
Multiple Symantec Intel Alert Management System Arbitrary Message Creation or Denial of Service
2011-01-26 08:00:00
securityvulns
securityvulns
TELUS Security Labs VR - Symantec Antivirus Intel Alert Handler Service Denial of Service
2011-01-31 00:00:00
Symantec Antivirus Corporate Edition Alert Management Service code execution
2011-01-31 00:00:00
zdi
zdi
Symantec AMS Intel Alert Handler Modem String Parsing Remote Code Execution Vulnerability
2011-01-27 00:00:00
Symantec AMS Intel Alert Handler Pin Number Parsing Remote Code Execution Vulnerability
2011-01-27 00:00:00
Symantec AMS Intel Alert Handler Service CreateProcess Remote Code Execution Vulnerability
2011-01-27 00:00:00
openvas
openvas
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
Symantec Intel Alert Management System Multiple Vulnerabilities
2011-02-07 00:00:00
nessus
nessus
Symantec Alert Management System 2 Multiple Vulnerabilities (SYM11-002, SYM11-003)
2011-01-28 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.326 Low

EPSS

Percentile

97.0%

JSON
Related for ZDI-11-032
checkpoint_advisories1cve2prion2symantec1securityvulns2zdi3openvas2nessus1