CVE-2010-0111

CWE-20Improper Input Validation4 documents4 sources
Severity
9.3CRITICAL
EPSS
60.6%
top 1.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Symantec AntivirusSymantec Antivirus Central Quarantine ServerSymantec System Center
Timeline
PublishedJan 31
Latest updateMay 2

Description

HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (aka AMS or AMS2), as used in Symantec AntiVirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary programs by sending msgsys.exe a UNC share pathname, which is used directly in a CreateProcessA (aka CreateProcess) call.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages3 packages

NVDsymantec/system_center10.0, 10.1+1
NVDsymantec/antivirus26 versions+25

🔴Vulnerability Details

2
GHSA
GHSA-c8p5-6xf7-qcx4: HDNLRSVC2022-05-02
CVEList
CVE-2010-0111: HDNLRSVC2011-01-31

💥Exploits & PoCs

1
Exploit-DB
Insky CMS 006-0111 - Multiple Remote File Inclusions2010-03-23
CVE-2010-0111 (CRITICAL CVSS 9.3) | HDNLRSVC.EXE in the Intel Alert Han | cvebase.io