TUCoPS :: Security App Flaws :: win6002.htm

Symantec Norton AntiVirus buffer overflow in scanning compressed files
20th Feb 2003 [SBWID-6002]
COMMAND

	Symantec Norton AntiVirus buffer overflow in scanning compressed files

SYSTEMS AFFECTED

	Symantec Norton AntiVirus 2002 (version 8.07.17C)

PROBLEM

	In  Secure  Net  Service(SNS)   [snsadv@lac.co.jp]   Computer   Security
	Laboratory,  LAC  [http://www.lac.co.jp/security/]   security   advisory
	[No.61], by ARAI Yuu [y.arai@lac.co.jp] :
	
	 http://www.lac.co.jp/security/english/snsadv_e/61_e.html
	
	
	The e-mail scanning function  in  Symantec  Norton  AntiVirus  2002  may
	cause a Buffer Overflow.
	
	 Problem Description:
	 --------------------
	
	The e-mail scanning function in  Symantec  Norton  AntiVirus  2002  will
	cause a Buffer Overflow when  it  receives  an  e-mail  message  with  a
	compressed file which includes a file with an unusually long filename.
	
	An attacker could exploit this problem to execute  arbitrary  code  with
	the privilege of the currently logged on user.

SOLUTION

	Update AntiVirus 2002 by using LiveUpdate.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH