Sign-up

ID

VAR-201208-0090


CVE

CVE-2010-3497


TITLE

Symantec Norton AntiVirus Vulnerable to arbitrary code execution

Trust: 0.8

sources: JVNDB: JVNDB-2012-003809

DESCRIPTION

Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that this issue "falls into the work of our Firewall and not our AV (per our methodology of layers of defense).". Symantec Norton Antivirus 2011 is prone to a security-bypass vulnerability that may allow an attacker to bypass virus scans. Successful exploits will allow attackers to bypass virus scanning, possibly allowing malicious files to escape detection

Trust: 1.98

sources: NVD: CVE-2010-3497 // JVNDB: JVNDB-2012-003809 // BID: 44188 // VULHUB: VHN-46102

AFFECTED PRODUCTS

vendor:symantecmodel:norton antivirusscope:eqversion:2011

Trust: 2.4

vendor:symantecmodel:norton antivirusscope:eqversion:20110

Trust: 0.3

sources: BID: 44188 // JVNDB: JVNDB-2012-003809 // CNNVD: CNNVD-201208-393 // NVD: CVE-2010-3497

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-3497
value: MEDIUM

Trust: 1.0

NVD: CVE-2010-3497
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201208-393
value: MEDIUM

Trust: 0.6

VULHUB: VHN-46102
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-3497
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-46102
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-46102 // JVNDB: JVNDB-2012-003809 // CNNVD: CNNVD-201208-393 // NVD: CVE-2010-3497

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.9

sources: VULHUB: VHN-46102 // JVNDB: JVNDB-2012-003809 // NVD: CVE-2010-3497

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201208-393

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201208-393

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-003809

PATCH
title:ノートン アンチウイルスurl:http://jp.norton.com/antivirus/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-003809

EXTERNAL IDS
db:NVDid:CVE-2010-3497
Trust: 2.8
db:JVNDBid:JVNDB-2012-003809
Trust: 0.8
db:CNNVDid:CNNVD-201208-393
Trust: 0.7
db:BUGTRAQid:20101018 ANTIVIRUS DETECTION AFTER MALWARE EXECUTION
Trust: 0.6
db:BIDid:44188
Trust: 0.4
db:VULHUBid:VHN-46102
Trust: 0.1
sources:
            
            
            VULHUB: VHN-46102 // 
            
            
            
            BID: 44188 // 
            
            
            
            JVNDB: JVNDB-2012-003809 // 
            
            
            
            CNNVD: CNNVD-201208-393 // 
            
            
            
            NVD: CVE-2010-3497

REFERENCES
url:http://www.n00bz.net/antivirus-cve
Trust: 2.0
url:http://www.securityfocus.com/archive/1/514356
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3497
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3497
Trust: 0.8
url:http://www.symantec.com/nav/nav_9xnt/
Trust: 0.3
url:/archive/1/514356
Trust: 0.3
sources:
            
            
            VULHUB: VHN-46102 // 
            
            
            
            BID: 44188 // 
            
            
            
            JVNDB: JVNDB-2012-003809 // 
            
            
            
            CNNVD: CNNVD-201208-393 // 
            
            
            
            NVD: CVE-2010-3497

CREDITS
jason@n00bz.net
Trust: 0.3
sources:
            
            
            BID: 44188

SOURCES
db:VULHUBid:VHN-46102
db:BIDid:44188
db:JVNDBid:JVNDB-2012-003809
db:CNNVDid:CNNVD-201208-393
db:NVDid:CVE-2010-3497

LAST UPDATE DATE
2024-11-23T22:31:31.835000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-46102date:2012-08-22T00:00:00
db:BIDid:44188date:2010-10-18T00:00:00
db:JVNDBid:JVNDB-2012-003809date:2012-08-23T00:00:00
db:CNNVDid:CNNVD-201208-393date:2012-09-12T00:00:00
db:NVDid:CVE-2010-3497date:2024-11-21T01:18:52.323

SOURCES RELEASE DATE
db:VULHUBid:VHN-46102date:2012-08-22T00:00:00
db:BIDid:44188date:2010-10-18T00:00:00
db:JVNDBid:JVNDB-2012-003809date:2012-08-23T00:00:00
db:CNNVDid:CNNVD-201208-393date:2012-08-24T00:00:00
db:NVDid:CVE-2010-3497date:2012-08-22T10:42:04.070