'High' risk in Symantec (Norton) antivirus software flaw

Discussion in 'Computer Support' started by Tony, Dec 21, 2005.

  1. Tony

    Tony Guest

    Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
    potentially can be exploited by malicious people to compromise a vulnerable
    system.

    The vulnerability is caused due to a boundary error in Dec2Rar.dll when
    copying data based on the length field in the sub-block headers of a RAR
    archive. This can be exploited to cause a heap-based buffer overflow and may
    allow arbitrary code execution when a malicious RAR archive is scanned.

    The vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and
    potentially affects all Symantec products that use the DLL.

    Affected software listed here http://secunia.com/advisories/18131/

    Symantec has not yet released a patch to address this problem. In the
    meantime, Wheeler recommends that users "disable scanning of RAR-compressed
    files until the vulnerable code is fixed."
     
    Tony, Dec 21, 2005
    #1
    1. Advertising

  2. Tony

    Evan Platt Guest

    On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <> wrote:

    >Symantec has not yet released a patch to address this problem. In the
    >meantime, Wheeler recommends that users "disable scanning of RAR-compressed
    >files until the vulnerable code is fixed."


    I think a better suggestion would be to remove Symantec and use
    something else.
     
    Evan Platt, Dec 21, 2005
    #2
    1. Advertising

  3. Tony

    joevan Guest

    On Wed, 21 Dec 2005 11:34:16 -0800, Evan Platt
    <> wrote:

    >On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <> wrote:
    >
    >>Symantec has not yet released a patch to address this problem. In the
    >>meantime, Wheeler recommends that users "disable scanning of RAR-compressed
    >>files until the vulnerable code is fixed."

    >
    >I think a better suggestion would be to remove Symantec and use
    >something else.


    Like Kaspersky, which is the best and prolly cost no more than
    Symantec.
    --
    "Politicians are like diapers. They should both be changed frequently
    and for the same reason."
     
    joevan, Dec 21, 2005
    #3
  4. Re: pains in my head

    joevan <> wrote:

    > I've got a haemmorrhoid sticking out. It's all squeezy & squashy down
    > there; it's about the size of a wallnut. Can I snip it off?
     
    Eroluk the minnow-embezzler, Dec 21, 2005
    #4
  5. Tony

    Noel Paton Guest

    "Evan Platt" <> wrote in message
    news:...
    > On Wed, 21 Dec 2005 19:24:22 -0000, "Tony" <> wrote:
    >
    >>Symantec has not yet released a patch to address this problem. In the
    >>meantime, Wheeler recommends that users "disable scanning of
    >>RAR-compressed
    >>files until the vulnerable code is fixed."

    >
    > I think a better suggestion would be to remove Symantec and use
    > something else.


    *Anything* else??

    Common sense is a good starting point!

    --
    Noel Paton (MS-MVP 2002-2006, Windows)

    Nil Carborundum Illegitemi
    http://www.crashfixpc.com/millsrpch.htm

    http://tinyurl.com/6oztj

    Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
     
    Noel Paton, Dec 21, 2005
    #5
  6. Tony

    Plato Guest

    Tony wrote:
    >
    > Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
    > potentially can be exploited by malicious people to compromise a vulnerable
    > system.


    All anti-virus programs have niggles. This is NOT new news.




    --
    http://www.bootdisk.com/
     
    Plato, Dec 22, 2005
    #6
  7. Tony

    Tony Guest

    "Plato" <|@|.|> wrote in message
    news:43aa4d14$1$33425$...
    > Tony wrote:
    >>
    >> Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
    >> potentially can be exploited by malicious people to compromise a
    >> vulnerable
    >> system.

    >
    > All anti-virus programs have niggles. This is NOT new news.
    >

    Not just anti-virus programs but lots of programs do. This is a specific
    vulnerability that has just been announced so this is "new news". I posted
    it to inform people who may wish to know and might have an issue if they
    download RAR files. If you don't want to know then move on and don't read
    the post.
     
    Tony, Dec 22, 2005
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Tim

    Sophos AntiVirus Vs Norton AntiVirus

    Tim, Aug 16, 2003, in forum: Computer Support
    Replies:
    7
    Views:
    10,435
    Robert de Brus
    Aug 17, 2003
  2. Au79

    MICROSOFT Investigating High-Risk IE Flaw

    Au79, Sep 3, 2005, in forum: Computer Support
    Replies:
    0
    Views:
    438
  3. Johnny Canuck

    Symantec Antivirus Corporate vs. Norton Anti-Virus

    Johnny Canuck, Oct 4, 2004, in forum: Computer Security
    Replies:
    13
    Views:
    12,316
    Wimbo
    Oct 6, 2004
  4. Imhotep

    IE Flaw Puts Windows XP SP2 At Risk

    Imhotep, Sep 17, 2005, in forum: Computer Security
    Replies:
    0
    Views:
    413
    Imhotep
    Sep 17, 2005
  5. alexander rickert

    symantec: norton antivirus versus norton antivirus corporate

    alexander rickert, Nov 3, 2004, in forum: Computer Information
    Replies:
    3
    Views:
    1,200
    James Baber
    Nov 3, 2004
Loading...

Share This Page