Symantec flaws affects 30 products

Vox Populi Vox Dei

High Tory
Joined
Mar 6, 2004
Messages
54,026
Reaction score
38,862
Location
Cape Town
Source:http://www.theregister.co.uk/2005/02/10/symantec_uberbug/

cross-platform flaw affecting many Symantec security products - both consumer and enterprise - has been discovered. Users of Symantec's Norton SystemWorks 2004, Norton SystemWorks 2004 (both Mac and Windows), Norton AntiVirus 2004, corporate anti-virus apps and Brightmail anti-spam software (among others) all need to apply patches following the discovery of the "highly critical" security bug. In all 30 packages are affected.

The vulnerability stems from a flaw in an antivirus scanning component (called the DEC2EXE parsing engine) involving the processing of UPX compressed files. Maliciously constructed UPX files could be created to cause a heap-based buffer overflow. This in turn makes it possible for malicious hackers to inject hostile code onto vulnerable systems, allowing them to be taken over by attackers.

Symantec said the vulnerable EC2EXE engine is no longer required to parse compressed files. It had already planned to dispense with the component across its product range and the discovery of vulnerability by security tools vendor ISS has simply brought forward this process.
 
Top
Sign up to the MyBroadband newsletter
X