Vulnerability Details CVE-2010-0108
Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.157
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://dsecrg.com/pages/vul/show.php?id=139
- http://secunia.com/advisories/38651
- http://www.securityfocus.com/archive/1/509681/100/0/threaded
- http://www.securityfocus.com/bid/38222
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02
- http://www.vupen.com/english/advisories/2010/0412
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56355
- http://dsecrg.com/pages/vul/show.php?id=139
- http://secunia.com/advisories/38651
- http://www.securityfocus.com/archive/1/509681/100/0/threaded
- http://www.securityfocus.com/bid/38222
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02
- http://www.vupen.com/english/advisories/2010/0412
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56355
Products affected by CVE-2010-0108
-
cpe:2.3:a:symantec:antivirus:10.0
-
cpe:2.3:a:symantec:antivirus:10.0.1
-
cpe:2.3:a:symantec:antivirus:10.0.1.1
-
cpe:2.3:a:symantec:antivirus:10.0.2
-
cpe:2.3:a:symantec:antivirus:10.0.2.1
-
cpe:2.3:a:symantec:antivirus:10.0.2.2
-
cpe:2.3:a:symantec:antivirus:10.0.3
-
cpe:2.3:a:symantec:antivirus:10.0.4
-
cpe:2.3:a:symantec:antivirus:10.0.5
-
cpe:2.3:a:symantec:antivirus:10.0.6
-
cpe:2.3:a:symantec:antivirus:10.0.7
-
cpe:2.3:a:symantec:antivirus:10.0.8
-
cpe:2.3:a:symantec:antivirus:10.0.9
-
cpe:2.3:a:symantec:antivirus:10.1
-
cpe:2.3:a:symantec:antivirus:10.1.0.1
-
cpe:2.3:a:symantec:antivirus:10.1.4
-
cpe:2.3:a:symantec:antivirus:10.1.4.1
-
cpe:2.3:a:symantec:antivirus:10.1.5
-
cpe:2.3:a:symantec:antivirus:10.1.5.1
-
cpe:2.3:a:symantec:antivirus:10.1.6
-
cpe:2.3:a:symantec:antivirus:10.1.6.1
-
cpe:2.3:a:symantec:antivirus:10.1.7
-
cpe:2.3:a:symantec:antivirus:10.2
-
cpe:2.3:a:symantec:client_security:3.0
-
cpe:2.3:a:symantec:client_security:3.0.0.359
-
cpe:2.3:a:symantec:client_security:3.0.1.1000
-
cpe:2.3:a:symantec:client_security:3.0.1.1007
-
cpe:2.3:a:symantec:client_security:3.0.1.1008
-
cpe:2.3:a:symantec:client_security:3.0.2
-
cpe:2.3:a:symantec:client_security:3.0.2.2000
-
cpe:2.3:a:symantec:client_security:3.0.2.2001
-
cpe:2.3:a:symantec:client_security:3.0.2.2010
-
cpe:2.3:a:symantec:client_security:3.0.2.2011
-
cpe:2.3:a:symantec:client_security:3.0.2.2020
-
cpe:2.3:a:symantec:client_security:3.0.2.2021
-
cpe:2.3:a:symantec:client_security:3.1
-
cpe:2.3:a:symantec:client_security:3.1.0.396
-
cpe:2.3:a:symantec:client_security:3.1.0.401
-
cpe:2.3:a:symantec:client_security:3.1.394
-
cpe:2.3:a:symantec:client_security:3.1.400
-
cpe:2.3:a:symantec:client_security:3.1.401
-
cpe:2.3:a:symantec:endpoint_protection:11.0