Slashdot Mirror


Symantec Confirms AV Library Flaw, Promises Patch

the_flyswatter writes "Anti-virus vendor Symantec Corp. has publicly acknowledged that a high-risk buffer overflow vulnerability in its AntiVirus Library could lead to code execution attacks when RAR archive files are scanned. The company confirmed the issue was a buffer overflow in the AntiVirus component used to decompose RAR (Roshal Archive) files. 'A specially crafted RAR file could potentially cause this buffer overflow to occur and execute hostile content from the RAR file,' the advisory read. The bug also affects 15 consumer products, including the widely deployed Symantec Norton AntiVirus, Symantec Norton Internet Security Professional, Norton Personal Firewall and Symantec Norton Internet Security for Macintosh."

5 of 133 comments

  1. That's what you get for by letdinosaursdie · · Score: 5, Insightful

    The Microsoft solution to the Microsoft solution to the Microsoft solution to the Microsoft solution to the...

  2. Re:Why confess? by wasudeo · · Score: 5, Informative

    FTA,

    Symantec didn't confess of their own accord. This vulnerability was publicised by a "security researcher" called Alex Wheeler.

  3. like it wasn't bad enough before by phntm · · Score: 5, Interesting

    i'm a netadmin on an irc network and i've seen many zombie botnets, most of them are running "up-to-date" symantec antivirus products and feel safe while behind their backs their systems keep ddosing and hogging bandwidth.
    symantec doesn't make me feel safe for sure.

  4. buffer overflow in unrar? by wolf550e · · Score: 5, Interesting

    Does anyone know if Symantec wrote their own unrar library that is insecure or have they used Roshal's free code which was probably known to be insecure and someone just discovered they didn't bother to fix it before including in their products?

  5. Re:You know what this means - by ozmanjusri · · Score: 5, Informative

    ps. why is there no (or where is it ?) opensource antivirus software for windows ?

    http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=opensource%20antivirus%20software%20for%20windows

    --
    "I've got more toys than Teruhisa Kitahara."