TITLE:
Symantec Products Alert Notification Two Vulnerabilities
SECUNIA ADVISORY ID:
SA21884
VERIFY ADVISORY:
http://secunia.com/advisories/21884/
CRITICAL:
Less critical
IMPACT:
Privilege escalation, DoS
WHERE:
Local system
SOFTWARE:
Symantec Client Security 3.x
http://secunia.com/product/6649/
Symantec Client Security 2.x
http://secunia.com/product/3478/
Symantec Client Security 1.x
http://secunia.com/product/2344/
Symantec AntiVirus Corporate Edition 9.x
http://secunia.com/product/3549/
Symantec AntiVirus Corporate Edition 8.x
http://secunia.com/product/659/
Symantec AntiVirus Corporate Edition 10.x
http://secunia.com/product/5555/
DESCRIPTION:
Some vulnerabilities have been reported in Symantec Client Security and Symantec AntiVirus Corporate Edition, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

1) A format string error within the handling of "Tamper Protection" and "Virus Alert Notification" messages can be exploited to execute arbitrary code with escalated privileges by replacing the message with a specially crafted format string.

2) Another format string error exists in the alert notification process when displaying a notification message upon detection of a malicious file. This can be exploited to crash the Real Time Virus Scan service by replacing the message with a specially crafted format string.
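
Both issues belong to the same bug class: an editable notification message ends up being used as a printf-style format string. The C sketch below is an added illustration, not Symantec's code and not part of the advisory; the function names, the "[file: ...]" layout and the sample message are assumptions. It shows a conservative audit check for directives in a configured message and the hardened call that passes the message as data.

```c
#include <stdio.h>
#include <string.h>

/* Count printf-style directives in an editable alert message.
 * "%%" is a literal percent sign and is not counted; a lone or
 * trailing '%' is counted, which keeps the check conservative. */
size_t count_format_directives(const char *msg)
{
    size_t n = 0;
    for (const char *p = msg; *p != '\0'; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {   /* escaped percent: skip both characters */
            p++;
            continue;
        }
        n++;
    }
    return n;
}

/* Unsafe pattern (comment only, never compiled):
 *     snprintf(out, outlen, configured_msg);
 * Here the message itself is the format string.
 *
 * Hardened pattern: the format is a compile-time constant and the
 * message is passed as data, so any '%' in it is copied verbatim. */
int render_alert(char *out, size_t outlen,
                 const char *configured_msg, const char *file_name)
{
    return snprintf(out, outlen, "%s [file: %s]", configured_msg, file_name);
}

int main(void)
{
    /* Constructed sample input, not taken from the advisory. */
    const char *msg = "Scan result: %s%x (100%% checked)";
    char out[128];

    render_alert(out, sizeof out, msg, "sample.bin");
    printf("directives=%zu\n%s\n", count_format_directives(msg), out);
    return 0;
}
```

A non-zero directive count in a stored notification message is worth flagging during configuration review, since ordinary alert text rarely needs an unescaped '%'.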
SOLUTION:
Apply patches (see patch matrix in vendor advisory).
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2006.09.13.html
Layered Defense:
http://layereddefense.com/SAV13SEPT.html