TUCoPS :: Security App Flaws :: tb11609.htm

Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
ZDI-07-039: Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
ZDI-07-039: Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability



WkRJLTA3LTAzOTogU3ltYW50ZWMgQW50aVZpcnVzIEVuZ2luZSBSQVIgRmlsZSBQYXJzaW5nIERv
UyBWdWxuZXJhYmlsaXR5DQpodHRwOi8vd3d3Lnplcm9kYXlpbml0aWF0aXZlLmNvbS9hZHZpc29y
aWVzL1pESS0wNy0wMzkuaHRtbA0KSnVseSAxMiwgMjAwNw0KDQotLSBDVkUgSUQ6DQpDVkUtMjAw
Ny0zNjk5DQoNCi0tIEFmZmVjdGVkIFZlbmRvcjoNClN5bWFudGVjDQoNCi0tIEFmZmVjdGVkIFBy
b2R1Y3RzOg0KU3ltYW50ZWMgQW50aVZpcnVzIEVuZ2luZQ0KDQoNCi0tIFRpcHBpbmdQb2ludChU
TSkgSVBTIEN1c3RvbWVyIFByb3RlY3Rpb246DQpUaXBwaW5nUG9pbnQgSVBTIGN1c3RvbWVycyBo
YXZlIGJlZW4gcHJvdGVjdGVkIGFnYWluc3QgdGhpcw0KdnVsbmVyYWJpbGl0eSBzaW5jZSBOb3Zl
bWJlciAyMCwgMjAwNiBieSBEaWdpdGFsIFZhY2NpbmUgcHJvdGVjdGlvbg0KZmlsdGVyIElEIDQ2
OTUsNDgyNC4gRm9yIGZ1cnRoZXIgcHJvZHVjdCBpbmZvcm1hdGlvbiBvbiB0aGUgVGlwcGluZ1Bv
aW50IA0KSVBTOg0KDQogICAgaHR0cDovL3d3dy50aXBwaW5ncG9pbnQuY29tIA0KDQotLSBWdWxu
ZXJhYmlsaXR5IERldGFpbHM6DQpUaGlzIHZ1bG5lcmFiaWxpdHkgYWxsb3dzIGF0dGFja2VycyB0
byBjcmVhdGUgYSBkZW5pYWwgb2Ygc2VydmljZQ0KY29uZGl0aW9uIG9uIHNvZnR3YXJlIHdpdGgg
dnVsbmVyYWJsZSBpbnN0YWxsYXRpb25zIG9mIHRoZSBTeW1hbnRlYydzDQpBbnRpVmlydXMgZW5n
aW5lLiBBdXRoZW50aWNhdGlvbiBpcyBub3QgcmVxdWlyZWQgdG8gZXhwbG9pdCB0aGlzDQp2dWxu
ZXJhYmlsaXR5Lg0KDQpUaGUgc3BlY2lmaWMgZmxhdyByZXNpZGVzIGluIGEgZm9yZ2VkIFBBQ0tf
U0laRSBmaWVsZCBvZiBhIFJBUiBmaWxlDQpoZWFkZXIuIEJ5IHNldHRpbmcgdGhpcyBmaWVsZCB0
byBhIHNwZWNpZmljIHZhbHVlIGFuIGluZmluaXRlIGxvb3ANCmRlbmlhbCBvZiBzZXJ2aWNlIGNv
bmRpdGlvbiB3aWxsIG9jY3VyIHdoZW4gdGhlIHNjYW5uZXIgcHJvY2Vzc2VzIHRoZQ0KZmlsZS4N
Cg0KLS0gVmVuZG9yIFJlc3BvbnNlOg0KU3ltYW50ZWMgaGFzIGlzc3VlZCBhbiB1cGRhdGUgdG8g
Y29ycmVjdCB0aGlzIHZ1bG5lcmFiaWxpdHkuIE1vcmUNCmRldGFpbHMgY2FuIGJlIGZvdW5kIGF0
Og0KDQogICAgaHR0cDovL3d3dy5zeW1hbnRlYy5jb20vYXZjZW50ZXIvc2VjdXJpdHkvQ29udGVu
dC8yMDA3LjA3LjExZi5odG1sDQoNCi0tIERpc2Nsb3N1cmUgVGltZWxpbmU6DQoyMDA2LjExLjAx
IC0gVnVsbmVyYWJpbGl0eSByZXBvcnRlZCB0byB2ZW5kb3INCjIwMDYuMTEuMjAgLSBEaWdpdGFs
IFZhY2NpbmUgcmVsZWFzZWQgdG8gVGlwcGluZ1BvaW50IGN1c3RvbWVycw0KMjAwNy4wNy4xMiAt
IENvb3JkaW5hdGVkIHB1YmxpYyByZWxlYXNlIG9mIGFkdmlzb3J5DQoNCi0tIENyZWRpdDoNClRo
aXMgdnVsbmVyYWJpbGl0eSB3YXMgZGlzY292ZXJlZCBieSBhbiBhbm9ueW1vdXMgcmVzZWFyY2hl
ci4NCg0KLS0gQWJvdXQgdGhlIFplcm8gRGF5IEluaXRpYXRpdmUgKFpESSk6DQpFc3RhYmxpc2hl
ZCBieSBUaXBwaW5nUG9pbnQsIGEgZGl2aXNpb24gb2YgM0NvbSwgVGhlIFplcm8gRGF5IEluaXRp
YXRpdmUNCihaREkpIHJlcHJlc2VudHMgYSBiZXN0LW9mLWJyZWVkIG1vZGVsIGZvciByZXdhcmRp
bmcgc2VjdXJpdHkNCnJlc2VhcmNoZXJzIGZvciByZXNwb25zaWJseSBkaXNjbG9zaW5nIGRpc2Nv
dmVyZWQgdnVsbmVyYWJpbGl0aWVzLg0KDQpSZXNlYXJjaGVycyBpbnRlcmVzdGVkIGluIGdldHRp
bmcgcGFpZCBmb3IgdGhlaXIgc2VjdXJpdHkgcmVzZWFyY2gNCnRocm91Z2ggdGhlIFpESSBjYW4g
ZmluZCBtb3JlIGluZm9ybWF0aW9uIGFuZCBzaWduLXVwIGF0Og0KDQogICAgaHR0cDovL3d3dy56
ZXJvZGF5aW5pdGlhdGl2ZS5jb20NCg0KVGhlIFpESSBpcyB1bmlxdWUgaW4gaG93IHRoZSBhY3F1
aXJlZCB2dWxuZXJhYmlsaXR5IGluZm9ybWF0aW9uIGlzIHVzZWQuDQozQ29tIGRvZXMgbm90IHJl
LXNlbGwgdGhlIHZ1bG5lcmFiaWxpdHkgZGV0YWlscyBvciBhbnkgZXhwbG9pdCBjb2RlLg0KSW5z
dGVhZCwgdXBvbiBub3RpZnlpbmcgdGhlIGFmZmVjdGVkIHByb2R1Y3QgdmVuZG9yLCAzQ29tIHBy
b3ZpZGVzIGl0cw0KY3VzdG9tZXJzIHdpdGggemVybyBkYXkgcHJvdGVjdGlvbiB0aHJvdWdoIGl0
cyBpbnRydXNpb24gcHJldmVudGlvbg0KdGVjaG5vbG9neS4gRXhwbGljaXQgZGV0YWlscyByZWdh
cmRpbmcgdGhlIHNwZWNpZmljcyBvZiB0aGUNCnZ1bG5lcmFiaWxpdHkgYXJlIG5vdCBleHBvc2Vk
IHRvIGFueSBwYXJ0aWVzIHVudGlsIGFuIG9mZmljaWFsIHZlbmRvcg0KcGF0Y2ggaXMgcHVibGlj
bHkgYXZhaWxhYmxlLiBGdXJ0aGVybW9yZSwgd2l0aCB0aGUgYWx0cnVpc3RpYyBhaW0gb2YNCmhl
bHBpbmcgdG8gc2VjdXJlIGEgYnJvYWRlciB1c2VyIGJhc2UsIDNDb20gcHJvdmlkZXMgdGhpcyB2
dWxuZXJhYmlsaXR5DQppbmZvcm1hdGlvbiBjb25maWRlbnRpYWxseSB0byBzZWN1cml0eSB2ZW5k
b3JzIChpbmNsdWRpbmcgY29tcGV0aXRvcnMpDQp3aG8gaGF2ZSBhIHZ1bG5lcmFiaWxpdHkgcHJv
dGVjdGlvbiBvciBtaXRpZ2F0aW9uIHByb2R1Y3QuDQoNCkNPTkZJREVOVElBTElUWSBOT1RJQ0U6
IFRoaXMgZS1tYWlsIG1lc3NhZ2UsIGluY2x1ZGluZyBhbnkgYXR0YWNobWVudHMsCmlzIGJlaW5n
IHNlbnQgYnkgM0NvbSBmb3IgdGhlIHNvbGUgdXNlIG9mIHRoZSBpbnRlbmRlZCByZWNpcGllbnQo
cykgYW5kCm1heSBjb250YWluIGNvbmZpZGVudGlhbCwgcHJvcHJpZXRhcnkgYW5kL29yIHByaXZp
bGVnZWQgaW5mb3JtYXRpb24uCkFueSB1bmF1dGhvcml6ZWQgcmV2aWV3LCB1c2UsIGRpc2Nsb3N1
cmUgYW5kL29yIGRpc3RyaWJ1dGlvbiBieSBhbnkgCnJlY2lwaWVudCBpcyBwcm9oaWJpdGVkLiAg
SWYgeW91IGFyZSBub3QgdGhlIGludGVuZGVkIHJlY2lwaWVudCwgcGxlYXNlCmRlbGV0ZSBhbmQv
b3IgZGVzdHJveSBhbGwgY29waWVzIG9mIHRoaXMgbWVzc2FnZSByZWdhcmRsZXNzIG9mIGZvcm0g
YW5kCmFueSBpbmNsdWRlZCBhdHRhY2htZW50cyBhbmQgbm90aWZ5IDNDb20gaW1tZWRpYXRlbHkg
YnkgY29udGFjdGluZyB0aGUKc2VuZGVyIHZpYSByZXBseSBlLW1haWwgb3IgZm9yd2FyZGluZyB0
byAzQ29tIGF0IHBvc3RtYXN0ZXJAM2NvbS5jb20uIAo

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH