Symantec Confirms AV Library Flaw, Promises Patch

Posted by CowboyNeal on Thursday December 22, 2005 @10:35PM from the watching-the-watchmen dept.

the_flyswatter writes "Anti-virus vendor Symantec Corp. has publicly acknowledged that a high-risk buffer overflow vulnerability in its AntiVirus Library could lead to code execution attacks when RAR archive files are scanned. The company confirmed the issue was a buffer overflow in the AntiVirus component used to decompose RAR (Roshal Archive) files. 'A specially crafted RAR file could potentially cause this buffer overflow to occur and execute hostile content from the RAR file,' the advisory read. The bug also affects 15 consumer products, including the widely deployed Symantec Norton AntiVirus, Symantec Norton Internet Security Professional, Norton Personal Firewall and Symantec Norton Internet Security for Macintosh."

4 of 133 comments (clear)

Min score:

Reason:

Sort:

Re:You know what this means - by Anonymous Coward · 2005-12-22 22:41 · Score: -1, Offtopic

first post
Re:You know what this means - by Jotii · 2005-12-22 22:44 · Score: -1, Offtopic

You replied to another post, how was your reply supposed to have been the first post?

Oh, you just clarified the post above was the first post. Sorry.

--
[sig]
FIRST POST by Anonymous Coward · 2005-12-22 23:39 · Score: -1, Offtopic

to them...then Be 'very poorl7 Into a sling unless another folder. 20 users. Surprise Do and doing what Users. This is
F2irst!? by Anonymous Coward · 2005-12-23 02:48 · Score: -1, Offtopic

Disease5. The