iDEFENSE Security Advisory - Local exploitation of a design error in the Symantec AntiVirus 9 Corporate Edition may allow a user to gain elevated privileges. Exploitation can occur when a user chooses the right click Scan for viruses option. The Symantec scan file interface allows the user to launch a help window through the use of a toolbar icon. If the user then right clicks the help window title bar they can choose the Jump to URL menu option, which will then allow them to browse the local file system and execute files as the SYSTEM user.
4c4c53312ff3be87fe0e66e5f442ebce8f831cd5fb132dd1575a49517cbbc92b