Thursday, July 12, 2007 8:50 AM
cmosby
Symantec Products Real-Time Scanner Notification Window Privilege Escalation - Advisories - Secunia
Symantec Products Real-Time Scanner Notification Window Privilege Escalation
Secunia Advisory:
SA26054
Release Date:
2007-07-12
Critical:
Less critical
Impact:
Privilege escalation
Where:
Local system
Solution Status:
Vendor Patch
Software:
Symantec AntiVirus Corporate Edition 10.x
Symantec AntiVirus Corporate Edition 9.x
Symantec Client Security 2.x
Symantec Client Security 3.x
Description:
A vulnerability has been reported in some Symantec products, which can be exploited by malicious, local users to gain escalated privileges.
The vulnerability is caused due to an error in the Real-Time scanner (RTVScan) component when displaying a notification window containing information on threats found on a system. This can be exploited to execute arbitrary code with SYSTEM privileges.
The vulnerability is reported in the following products and versions:
* Symantec AntiVirus Corporate Edition versions 9.0, 10.0 and 10.1
* Symantec Client Security versions 2.0, 3.0, and 2.1
Solution:
Apply updates.
http://www.symantec.com/enterprise/support/all_products.jsp
Symantec AntiVirus Corporate Edition 9.0:
SAV 9.0.6 MR6 MP1- build 1100 or later
Symantec AntiVirus Corporate Edition 10.0/10.1:
10.1.4 MR4 MP1- build 4010 or later
Symantec Client Security 2.0:
SCS 2.0.6 MR6 MP1 - build 1100 or later
Symantec Client Security 3.0/3.1:
SCS 3.1.4 MR4 MP1 - build 4010 or later
Provided and/or discovered by:
The vendor credits Ali Rhabar, Sysdream.
Original Advisory:
Symantec:
http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html
Source: Symantec Products Real-Time Scanner Notification Window Privilege Escalation - Advisories - Secunia
Filed under: Security and Anti-Virus, Patch Management, AntiVirus Information