Remote code execution vulnerability in Symantec AntiVirus Corporate Edition (SAVCE), Symantec System Center (SSC), and Symantec Quarantine ServerID: oval:org.secpod.oval:def:1709 | Date: (C)2011-08-01 (M)2021-09-11 |
Class: VULNERABILITY | Family: windows |
The host is installed with Symantec AntiVirus Corporate Edition (SAVCE) or Symantec System Center (SSC) or Symantec Quarantine Server and is prone to a remote code execution vulnerability. A flaw is present in the Intel Alert Management System, which fails to validate input passed to msgsys.exe a UNC share pathname which is directly used in a function call. Successful exploitation could allow an attacker to execute arbitrary code.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Symantec Antivirus |
Symantec Quarantine Server |
Symantec System Center |