CVE-2010-0106

Description

The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Client Security 3.0.x and 3.1.x before MR9, when Tamper protection is disabled, allows remote attackers to cause a denial of service (prevention of on-demand scanning) via "specific events" that prevent the user from having read access to unspecified resources.

Affected products

• Symantec / antivirus10.0 – 10.0
• Symantec / antivirus10.0.1 – 10.0.1
• Symantec / antivirus10.0.1.1 – 10.0.1.1
• Symantec / antivirus10.0.2 – 10.0.2
• Symantec / antivirus10.0.2.1 – 10.0.2.1
• Symantec / antivirus10.0.2.2 – 10.0.2.2
• Symantec / antivirus10.0.3 – 10.0.3
• Symantec / antivirus10.0.4 – 10.0.4
• Symantec / antivirus10.0.5 – 10.0.5
• Symantec / antivirus10.0.6 – 10.0.6
• Symantec / antivirus10.0.7 – 10.0.7
• Symantec / antivirus10.0.8 – 10.0.8
• Symantec / antivirus10.0.9 – 10.0.9
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1.0.1 – 10.1.0.1
• Symantec / antivirus10.1.4 – 10.1.4
• Symantec / antivirus10.1.4.1 – 10.1.4.1
• Symantec / antivirus10.1.5 – 10.1.5
• Symantec / antivirus10.1.5.1 – 10.1.5.1
• Symantec / antivirus10.1.6 – 10.1.6
• Symantec / antivirus10.1.6.1 – 10.1.6.1
• Symantec / antivirus10.1.7 – 10.1.7
• Symantec / antivirus10.2 – 10.2
• Symantec / antivirus10.2 – 10.2
• Symantec / antivirus10.2 – 10.2
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0.0.359 – 3.0.0.359
• Symantec / client_security3.0.1.1000 – 3.0.1.1000
• Symantec / client_security3.0.1.1007 – 3.0.1.1007
• Symantec / client_security3.0.1.1008 – 3.0.1.1008
• Symantec / client_security3.0.2 – 3.0.2
• Symantec / client_security3.0.2.2000 – 3.0.2.2000
• Symantec / client_security3.0.2.2001 – 3.0.2.2001
• Symantec / client_security3.0.2.2010 – 3.0.2.2010
• Symantec / client_security3.0.2.2011 – 3.0.2.2011
• Symantec / client_security3.0.2.2020 – 3.0.2.2020
• Symantec / client_security3.0.2.2021 – 3.0.2.2021
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1.0.396 – 3.1.0.396
• Symantec / client_security3.1.0.401 – 3.1.0.401
• Symantec / client_security3.1.394 – 3.1.394
• Symantec / client_security3.1.400 – 3.1.400
• Symantec / client_security3.1.401 – 3.1.401
• Symantec / endpoint_protection11.0 – 11.0

References

• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/0410
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/56354
• MISChttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_00
• MISChttp://www.securitytracker.com/id?1023621
• MISChttp://www.securityfocus.com/bid/38219
• VENDOR_ADVISORYhttp://secunia.com/advisories/38653
• MISChttp://osvdb.org/62414