CVE-2010-0108

Description

Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers to execute arbitrary code via a long argument to the SetRemoteComputerName function.

Affected products

• Symantec / antivirus10.0 – 10.0
• Symantec / antivirus10.0.1 – 10.0.1
• Symantec / antivirus10.0.1.1 – 10.0.1.1
• Symantec / antivirus10.0.2 – 10.0.2
• Symantec / antivirus10.0.2.1 – 10.0.2.1
• Symantec / antivirus10.0.2.2 – 10.0.2.2
• Symantec / antivirus10.0.3 – 10.0.3
• Symantec / antivirus10.0.4 – 10.0.4
• Symantec / antivirus10.0.5 – 10.0.5
• Symantec / antivirus10.0.6 – 10.0.6
• Symantec / antivirus10.0.7 – 10.0.7
• Symantec / antivirus10.0.8 – 10.0.8
• Symantec / antivirus10.0.9 – 10.0.9
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1 – 10.1
• Symantec / antivirus10.1.0.1 – 10.1.0.1
• Symantec / antivirus10.1.4 – 10.1.4
• Symantec / antivirus10.1.4.1 – 10.1.4.1
• Symantec / antivirus10.1.5 – 10.1.5
• Symantec / antivirus10.1.5.1 – 10.1.5.1
• Symantec / antivirus10.1.6 – 10.1.6
• Symantec / antivirus10.1.6.1 – 10.1.6.1
• Symantec / antivirus10.1.7 – 10.1.7
• Symantec / antivirus10.2 – 10.2
• Symantec / antivirus10.2 – 10.2
• Symantec / antivirus10.2 – 10.2
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0.0.359 – 3.0.0.359
• Symantec / client_security3.0.1.1000 – 3.0.1.1000
• Symantec / client_security3.0.1.1007 – 3.0.1.1007
• Symantec / client_security3.0.1.1008 – 3.0.1.1008
• Symantec / client_security3.0.2 – 3.0.2
• Symantec / client_security3.0.2.2000 – 3.0.2.2000
• Symantec / client_security3.0.2.2001 – 3.0.2.2001
• Symantec / client_security3.0.2.2010 – 3.0.2.2010
• Symantec / client_security3.0.2.2011 – 3.0.2.2011
• Symantec / client_security3.0.2.2020 – 3.0.2.2020
• Symantec / client_security3.0.2.2021 – 3.0.2.2021
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1.0.396 – 3.1.0.396
• Symantec / client_security3.1.0.401 – 3.1.0.401
• Symantec / client_security3.1.394 – 3.1.394
• Symantec / client_security3.1.400 – 3.1.400
• Symantec / client_security3.1.401 – 3.1.401
• Symantec / endpoint_protection11.0 – 11.0

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/56355
• MISChttp://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_02
• MISChttp://www.securityfocus.com/archive/1/509681/100/0/threaded
• MISChttp://dsecrg.com/pages/vul/show.php?id=139
• VENDOR_ADVISORYhttp://secunia.com/advisories/38651
• MISChttp://www.securityfocus.com/bid/38222
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/0412