Critical Flaw in Symantec AntiVirus
Thursday December 22, 2005
A RAR Archive Decompression Buffer Overflow in Symantec Antivirus products has led Secunia to issue a 'highly critical' advisory. According to the advisory, the RAR Decompression flaw can be exploited remotely and can allow unauthorized system access. Symantec is reportedly working on a fix for the problem.
Over 35 Symantec antivirus, gateway, and spam products contain the vulnerability, including Norton AntiVirus, Norton Internet Security, Brightmail AntiSpam, and Symantec Gateway Security. Customers using any products that use the Symantec AntiVirus engine are encouraged to disable scanning of RAR files until a patch for the vulnerability is provided by the vendor. Additionally, Symantec has provided heuristic detection for the the vulnerability exploit code, available via LiveUpdate.
For further details on the RAR Archive Decompression Buffer Overflow in Symantec Antivirus, see:
Over 35 Symantec antivirus, gateway, and spam products contain the vulnerability, including Norton AntiVirus, Norton Internet Security, Brightmail AntiSpam, and Symantec Gateway Security. Customers using any products that use the Symantec AntiVirus engine are encouraged to disable scanning of RAR files until a patch for the vulnerability is provided by the vendor. Additionally, Symantec has provided heuristic detection for the the vulnerability exploit code, available via LiveUpdate.
For further details on the RAR Archive Decompression Buffer Overflow in Symantec Antivirus, see:
Comments
No comments yet. Leave a Comment