CVE-2010-0106

3 documents3 sources

Severity

1.9LOW

EPSS

0.3%

top 46.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Antivirus Symantec Client Security Symantec Endpoint Protection

Timeline

PublishedFeb 19

Latest updateMay 2

Description

The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.

CVSS vector

AV:L/AC:M/C:N/I:N/A:PExploitability: 3.4 | Impact: 2.9

Affected Packages3 packages

▶NVDsymantec/antivirus23 versions+22

▶NVDsymantec/client_security18 versions+17

▶NVDsymantec/endpoint_protection11.0

🔴Vulnerability Details

GHSA

GHSA-222c-qv22-f3wj: The on-demand scanning in Symantec AntiVirus 10↗2022-05-02

▶

CVEList

CVE-2010-0106: The on-demand scanning in Symantec AntiVirus 10↗2010-02-19

▶