Symantec AntiVirus Multiple Vulnerabilities (SYM10-002 / SYM10-003 / SYM10-004)

This script is Copyright (C) 2013 Tenable Network Security, Inc.

Synopsis :

The remote host contains a program that is affected by multiple

Description :

The version of Symantec Antivirus Corporate Edition (SAVCE) or Symantec
Client Security is potentially affected by multiple vulnerabilities :

- If Symantec Tamper protection is disabled, it is
possible to bypass scanning. (CVE-2010-0106)

- A browser-based input validation issue exists in
SYMLTCOM.dll that can lead to a buffer overflow.

- A buffer overflow exists in the Symantec Client Proxy,
'CLIproxy.dll'. (CVE-2010-0108)

See also :

Solution :

Upgrade to Symantec Client Security 3.1 MR9, Symantec AntiVirus 10.1
MR9, Symantec AntiVirus 10.2 MR4 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 69956 ()

Bugtraq ID: 38217

CVE ID: CVE-2010-0106

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now