Secunia Security Advisory - eEye Digital Security has reported a vulnerability in Symantec Client Security and Symantec AntiVirus Corporate Edition, which can be exploited by malicious people to compromise a user's system.
3505ddf90f18149177b081278ba66b890659ba4f20198120cb948c363b0b0c36
TITLE:
Symantec Client Security / AntiVirus Unspecified Code Execution
SECUNIA ADVISORY ID:
SA20318
VERIFY ADVISORY:
http://secunia.com/advisories/20318/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
Symantec Client Security 3.x
http://secunia.com/product/6649/
Symantec AntiVirus Corporate Edition 10.x
http://secunia.com/product/5555/
DESCRIPTION:
eEye Digital Security has reported a vulnerability in Symantec Client
Security and Symantec AntiVirus Corporate Edition, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified boundary error and
can be exploited to cause a stack-based buffer overflow.
Successful exploitation allows execution of arbitrary code with
SYSTEM privileges.
SOLUTION:
Apply patches (see patch matrix in vendor advisory).
PROVIDED AND/OR DISCOVERED BY:
eEye Digital Security
ORIGINAL ADVISORY:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
eEye Digital Security:
http://www.eeye.com/html/research/upcoming/20060524.html
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------