Vulnerability Bulletins |
Desbordamiento de Heap en Symantec AntiVirus |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio exotico |
System information |
|
| Property | Value |
| Affected manufacturer | Comercial Software |
| Affected software |
Norton AntiVirus for Microsoft Exchange Symantec Mail Security for Microsoft Exchange Symantec AntiVirus/Filtering for Domino NT Symantec Mail Security for Domino NT Symantec AntiVirus/Filtering for Domino Ports Symantec AntiVirus Scan Engine Symantec AntiVirus for MS ISA Symantec AntiVirus for MS Sharepoint Symantec AntiVirus for Messaging Symantec AntiVirus for NAS Symantec AntiVirus Scan Engine for NetApp Filer Symantec AntiVirus Scan Engine for NetApp NetCache Symantec AntiVirus Scan Engine for Bluecoat Symantec AntiVirus for Clearswift Symantec AntiVirus Scan Engine for Caching Symantec AntiVirus for SMTP Symantec Client Security Symantec Web Security Symantec BrightMail AntiSpam Symantec Gateway Security 5000 Series Symantec Gateway Security 5400 Series Symantec Gateway Security Symantec Norton Antivirus for Macintosh Corporate Edition Symantec Mail Security for Microsoft Exchange Symantec AntiSpam for SMTP Symantec AntiVirus/Filtering for Domino NT Symantec Mail Security for Domino Symantec AntiVirus/Filtering for Domino Ports Symantec Scan Engine Symantec AntiVirus Scan Engine Symantec AntiVirus Scan Engine for ISA Symantec AntiVirus Scan Engine for Netapp Filer Symantec AntiVirus Scan Engine for Netapp NetCache Symantec AntiVirus for Caching Symantec AntiVirus for Clearswift Symantec AntiVirus Scan Engine for Microsoft Portal Server Symantec AntiVirus Scan Engine for Bluecoat Symantec AntiVirus Scan Engine for Filers SharePoint Portal Server 2003 Symantec AntiVirus for SMTP Symantec Mail Security for SMTP Symantec Web Security Symantec BrightMail AntiSpam Symantec AntiVirus Corporate Edition Symantec Norton AntiVirus Symantec I-Gear Symantec AntiVirus HandHelds - Corporate Edition Symantec Client Security for Nokia Symantec Norton Antivirus Symantec Norton Internet Security Professional Symantec Norton System Works Norton Personal Firewall Symantec Norton Antivirus for Macintosh Symantec Norton Internet Security for Macintosh Symantec Norton System Works for Macintosh Symantec Norton Antivirus for Macintosh Symantec Norton Antivirus for Macintosh Symantec Norton Internet Security for Macintosh Symantec Norton System Works for Macintosh Symantec Norton Antivirus for Macintosh Symantec Norton Internet Security for Macintosh Symantec Norton System Works for Macintosh Symantec AntiVirus for Handhelds |
Description |
|
|
Se ha descubierto una vulnerabilidad de desbordamiento de búfer en la zona de heap en Symantec AntiVirus. La vulnerabilidad reside en el proceso de descompresión de archivos RAR, manejado por la librería Dec2Rar.dll que es utilizada por múltiples productos de Symantec. La explotación de esta vulnerabilidad podría permitir a un atacante remoto ejecutar código arbitrario mediante un archivo RAR especialmente diseñado. |
|
Solution |
|
|
De momento, no existe parche oficial para esta vulnerabilidad. Recomendamos visitar periódicamente la web del proveedor: http://www.symantec.com |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2005-4438 |
| BID | 15971 |
Other resources |
|
|
Symantec Security Advisory SYM05-027 http://securityresponse.symantec.com/avcenter/security/Content/2005.12.21b.html Symantec Antivirus Library Remote Heap Overflows Security Advisory http://www.rem0te.com/public/images/symc2.pdf |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2005-12-22 |