'High' risk in Symantec (Norton) antivirus software flaw

Discussion in 'Computer Support' started by Tony, Dec 21, 2005.

  1. Tony

    Tony Guest

    Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
    potentially can be exploited by malicious people to compromise a vulnerable

    The vulnerability is caused due to a boundary error in Dec2Rar.dll when
    copying data based on the length field in the sub-block headers of a RAR
    archive. This can be exploited to cause a heap-based buffer overflow and may
    allow arbitrary code execution when a malicious RAR archive is scanned.

    The vulnerability has been reported in Dec2Rar.dll version and
    potentially affects all Symantec products that use the DLL.

    Affected software listed here http://secunia.com/advisories/18131/

    Symantec has not yet released a patch to address this problem. In the
    meantime, Wheeler recommends that users "disable scanning of RAR-compressed
    files until the vulnerable code is fixed."
    Tony, Dec 21, 2005
    1. Advertisements

  2. Tony

    Evan Platt Guest

    I think a better suggestion would be to remove Symantec and use
    something else.
    Evan Platt, Dec 21, 2005
    1. Advertisements

  3. Tony

    joevan Guest

    Like Kaspersky, which is the best and prolly cost no more than
    joevan, Dec 21, 2005
    Eroluk the minnow-embezzler, Dec 21, 2005
  5. Tony

    Noel Paton Guest

    Noel Paton, Dec 21, 2005
  6. Tony

    Plato Guest

    All anti-virus programs have niggles. This is NOT new news.
    Plato, Dec 22, 2005
  7. Tony

    Tony Guest

    Not just anti-virus programs but lots of programs do. This is a specific
    vulnerability that has just been announced so this is "new news". I posted
    it to inform people who may wish to know and might have an issue if they
    download RAR files. If you don't want to know then move on and don't read
    the post.
    Tony, Dec 22, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.