Previous articleBack to news listNext article
|
Sponsored links |
Want to become one of our authors and see your work published on ALLSeek.iNFO ?
|
| Symantec Norton Anti-Virus Buffer Overflow in DEC2EXE in Parsing UPX Compressed Files Lets Remote Users Execute Arbitrary Code |
|---|
Categorie: Vulnerability
Posted: 2005-02-09 by ReCall
Views: 483
Source: Click here
| Current Rating: Not rated
|
|
| Details |
|---|
Description: A vulnerability was reported in Symantec's Norton Anti-Virus. A remote user may be able to execute arbitrary code on the target system. Several other Symantec products are also affected.
The software does not properly parse UPX compressed files when inspecting them for viruses. A remote user can send a specially crafted UPX file to trigger a buffer overflow and execute arbitrary code.
The flaw resides in the DEC2EXE engine.
The following versions are affected:
Norton AntiVirus for Microsoft Exchange 2.1, prior to build 2.18.85
Symantec Norton Antivirus 2004 for Windows
Symantec Norton Antivirus 2004 for Macintosh
Symantec Norton Antivirus 9.0 for Macintosh
Impact: A remote user can execute arbitrary code on the target system with the privileges of the anti-virus process.
Solution: The vendor has issued a fix available via LiveUpdate and at:
http://www.symantec.com/techsupp
|
| Syndication |
|---|
Permalink Email this
The URI to TrackBack this entry is:
http://allseek.info/news/trackback.php?id=1348
|
| User comments (post your comments ) |
|---|
Only registerd members can post comments and articles
|
|
Previous articleBack to news listNext article
|
