Symantec AntiVirus Multiple Vulnerabilities (SYM10-002 / SYM10-003 / SYM10-004)

Critical Nessus Plugin ID 69956


The remote host contains a program that is affected by multiple vulnerabilities.


The version of Symantec Antivirus Corporate Edition (SAVCE) or Symantec Client Security is potentially affected by multiple vulnerabilities :

- If Symantec Tamper protection is disabled, it is possible to bypass scanning. (CVE-2010-0106)

- A browser-based input validation issue exists in SYMLTCOM.dll that can lead to a buffer overflow.

- A buffer overflow exists in the Symantec Client Proxy, 'CLIproxy.dll'. (CVE-2010-0108)


Upgrade to Symantec Client Security 3.1 MR9, Symantec AntiVirus 10.1 MR9, Symantec AntiVirus 10.2 MR4 or later.

See Also

Plugin Details

Severity: Critical

ID: 69956

File Name: savce_sym10-004.nasl

Version: $Revision: 1.2 $

Type: local

Agent: windows

Family: Windows

Published: 2013/09/18

Modified: 2013/09/20

Dependencies: 21725

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:symantec:antivirus, cpe:/a:symantec:client_security

Required KB Items: Antivirus/SAVCE/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2010/02/17

Vulnerability Publication Date: 2010/02/17

Reference Information

CVE: CVE-2010-0106, CVE-2010-0107, CVE-2010-0108

BID: 38217, 38219, 38222

OSVDB: 62412, 62413, 62414

IAVA: 2010-A-0036

CWE: 119