PT-2009-3933 · Symantec · Symantec Alert Management System 2

Sebastian Apelt · Published 2009-04-29 · Updated 2018-10-10 · CVE-2009-1430

CVSS v2.0: 9.3 High
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Symantec Alert Management System 2 (AMS2) versions prior to the fixed version
Symantec System Center (SSS) versions prior to the fixed version
Symantec AntiVirus Server versions prior to the fixed version
Symantec AntiVirus Central Quarantine Server versions prior to the fixed version
Symantec AntiVirus (SAV) Corporate Edition versions prior to 9.0 MR7
Symantec AntiVirus (SAV) Corporate Edition 10.0 and 10.1 versions prior to 10.1 MR8
Symantec AntiVirus (SAV) Corporate Edition 10.2 versions prior to 10.2 MR2
Symantec Client Security (SCS) 2 versions prior to 2.0 MR7
Symantec Client Security (SCS) 3 versions prior to 3.1 MR8
Symantec Endpoint Protection (SEP) versions prior to 11.0 MR3

Description

Multiple stack-based buffer overflows in IAO.EXE, part of the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), allow remote attackers to execute arbitrary code via a crafted packet or data that ostensibly arrives from the MsgSys.exe process.

Recommendations

For Symantec Alert Management System 2 (AMS2), update to the latest version to resolve the issue.
For Symantec System Center (SSS), update to the latest version to resolve the issue.
For Symantec AntiVirus Server, update to the latest version to resolve the issue.
For Symantec AntiVirus Central Quarantine Server, update to the latest version to resolve the issue.
For Symantec AntiVirus (SAV) Corporate Edition 9, update to 9.0 MR7 or later to resolve the issue.
For Symantec AntiVirus (SAV) Corporate Edition 10.0 and 10.1, update to 10.1 MR8 or later to resolve the issue.
For Symantec AntiVirus (SAV) Corporate Edition 10.2, update to 10.2 MR2 or later to resolve the issue.
For Symantec Client Security (SCS) 2, update to 2.0 MR7 or later to resolve the issue.
For Symantec Client Security (SCS) 3, update to 3.1 MR8 or later to resolve the issue.
For Symantec Endpoint Protection (SEP), update to 11.0 MR3 or later to resolve the issue.

Exploit · Fix · RCE · Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2009-1430

Affected Products

Symantec Alert Management System 2
Symantec Antivirus
Symantec Antivirus Central Quarantine Server
Symantec Antivirus Server
Symantec Antivirus Corporate Edition
Symantec Client Security
Symantec Endpoint Protection
Symantec Endpoint Protection Client
Symantec System Center