QwikSec

Security Database

CVE

CWE

Training

CVE-2010-3268

Published: Dec 22, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec Antivirus Corporate Edition 10.1.4.4010 on Windows 2000 SP4 and Symantec Endpoint Protection before 11.x, does not properly validate the CommandLine field of an AMS request, which allows remote attackers to cause a denial of service (application crash) via a crafted request.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20101213 [CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110126_00

x_refsource_CONFIRM

vdb-entry

x_refsource_VUPEN

http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_SECTRACK

symantec-antivirus-handler-service-dos(64028)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.