Symantec AntiVirus Multiple Vulnerabilities (SYM10-002 / SYM10-003 / SYM10-004)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host contains a program that is affected by multiple
vulnerabilities.

Description :

The version of Symantec AntiVirus Corporate Edition (SAVCE) or Symantec
Client Security is potentially affected by multiple vulnerabilities :

- If Symantec Tamper protection is disabled, it is
possible to bypass scanning. (CVE-2010-0106)

- A browser-based input validation issue exists in
SYMLTCOM.dll that can lead to a buffer overflow.
(CVE-2010-0107)

- A buffer overflow exists in the Symantec Client Proxy,
'CLIproxy.dll'. (CVE-2010-0108)

See also :

http://www.nessus.org/u?123c355b
http://www.nessus.org/u?2e29ac7a
http://www.nessus.org/u?87ec81ff

Solution :

Upgrade to Symantec Client Security 3.1 MR9, Symantec AntiVirus 10.1
MR9, Symantec AntiVirus 10.2 MR4 or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 69956

Bugtraq ID: 38217, 38219, 38222

CVE ID: CVE-2010-0106, CVE-2010-0107, CVE-2010-0108
