Thursday, July 12, 2007 8:40 AM
cmosby
Symantec Products Internet Email Auto-Protect Stack Overflow - Advisories - Secunia
Secunia Advisory: SA26036
Release Date: 2007-07-12
Critical: Not critical
Impact: DoS
Where: Local system
Solution Status: Vendor Patch
Software:
* Symantec AntiVirus Corporate Edition 10.x
* Symantec AntiVirus Corporate Edition 9.x
* Symantec Client Security 2.x
* Symantec Client Security 3.x
Description:
A vulnerability has been reported in some Symantec products, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
The vulnerability is caused by an error within the Internet Email Auto-Protect feature when scanning outgoing email messages. This can be exploited to cause a stack overflow via an email message containing an overly long (greater than 951 characters) string in the "To:", "From:", or "Subject:" fields.
Successful exploitation crashes the Internet E-mail real-time protection service and results in subsequent outgoing SMTP email messages not being scanned.
The vulnerability is reported in the following products:
* Symantec AntiVirus Corporate Edition version 9.x and 10.0
* Symantec Client Security 2.0.x and 3.0.x
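As an added example (not part of the Secunia or Symantec advisory), the following check flags raw outgoing messages whose "To:", "From:", or "Subject:" field exceeds the 951-character threshold given above. It assumes the length is measured on the unfolded field value, which the advisory does not specify; the function names and sample messages are constructed for illustration.

```python
import re

LIMIT = 951  # field length threshold stated in the advisory
WATCHED = {"to", "from", "subject"}  # header fields named in the advisory

def unfolded_headers(raw: bytes):
    """Yield (name, value) for each header field, with line folding removed."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    name, parts = None, []
    for line in head.splitlines():
        if name is not None and line[:1] in (b" ", b"\t"):
            parts.append(line)  # continuation line of a folded field
            continue
        if name is not None:
            yield name, b"".join(parts).strip()
        name, sep, rest = line.partition(b":")
        parts = [rest]
        if not sep:
            name = None  # not a "Name: value" line, skip it
    if name is not None:
        yield name, b"".join(parts).strip()

def oversized_fields(raw: bytes, limit: int = LIMIT):
    """Return [(field, length)] for watched fields longer than `limit`."""
    hits = []
    for name, value in unfolded_headers(raw):
        field = name.strip().lower().decode("ascii", "replace")
        if field in WATCHED and len(value) > limit:
            hits.append((field, len(value)))
    return hits

# Constructed sample messages (not captured traffic).
def sample(subject: bytes) -> bytes:
    return (b"From: alice@example.com\r\nTo: bob@example.com\r\n"
            b"Subject: " + subject + b"\r\n\r\nbody\r\n")

NORMAL = sample(b"quarterly report")
AT_LIMIT = sample(b"A" * 951)
OVER_LIMIT = sample(b"A" * 952)
# Folded across two physical lines, each well under the limit on its own.
FOLDED = sample(b"\r\n ".join([b"B" * 500, b"B" * 500]))

if __name__ == "__main__":
    for label, msg in [("normal", NORMAL), ("at limit", AT_LIMIT),
                       ("over limit", OVER_LIMIT), ("folded", FOLDED)]:
        print(label, oversized_fields(msg))
```

The folded sample shows why a per-line length check is not enough: neither physical line is long, but the unfolded field is.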
Solution:
Apply updates.
https://fileconnect.symantec.com/
* Symantec AntiVirus Corporate Edition 9.x: SAV 9 MR6 (SAV 9.0.6.1000) or later
* Symantec AntiVirus Corporate Edition 10.0: Update to version 10.1 or later
* Symantec Client Security 2.0.x: MR6 (build 1000-31)
* Symantec Client Security 3.0.x: Update to version 3.1 or later
Provided and/or discovered by:
The vendor credits Jordi Corrales.
Original Advisory:
Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11b.html
Source: Symantec Products Internet Email Auto-Protect Stack Overflow - Advisories - Secunia