Symantec AntiVirus Multiple Vulnerabilities (SYM10-002 / SYM10-003 / SYM10-004)
Critical Nessus Plugin ID 69956
SynopsisThe remote host contains a program that is affected by multiple vulnerabilities.
DescriptionThe version of Symantec Antivirus Corporate Edition (SAVCE) or Symantec Client Security is potentially affected by multiple vulnerabilities :
- If Symantec Tamper protection is disabled, it is possible to bypass scanning. (CVE-2010-0106)
- A browser-based input validation issue exists in SYMLTCOM.dll that can lead to a buffer overflow.
- A buffer overflow exists in the Symantec Client Proxy, 'CLIproxy.dll'. (CVE-2010-0108)
SolutionUpgrade to Symantec Client Security 3.1 MR9, Symantec AntiVirus 10.1 MR9, Symantec AntiVirus 10.2 MR4 or later.