A vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of the Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. By setting this field to a specific value an infinite loop denial of service condition will occur when the scanner processes the file.
8c3b03361c415d4af702f337b7b7a1c3bac489c20da60f6b941d19b2bbde57f6