CVE-2010-0110 Information

Description

Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2) as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10 Symantec System Center (SSC) 10.x and Symantec Quarantine Server 3.5 and 3.6 allow remote attackers to execute arbitrary code via (1) a long string to msgsys.exe related to the AMSSendAlertAct function in AMSLIB.dll in the Intel Alert Handler service (aka Symantec Intel Handler service); a long (2) modem string or (3) PIN number to msgsys.exe related to pagehndl.dll in the Intel Alert Handler service; or (4) a message to msgsys.exe related to iao.exe in the Intel Alert Originator service.

Reference

http://secunia.com/advisories/43099 http://secunia.com/advisories/43106 http://securitytracker.com/id?1024996 http://www.securityfocus.com/bid/45936 http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00 http://www.vupen.com/english/advisories/2011/0234 http://www.zerodayinitiative.com/advisories/ZDI-11-028 http://www.zerodayinitiative.com/advisories/ZDI-11-030 http://www.zerodayinitiative.com/advisories/ZDI-11-031 http://www.zerodayinitiative.com/advisories/ZDI-11-032 https://exchange.xforce.ibmcloud.com/vulnerabilities/64940