• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Symantec AntiVirus Scan Engine Web Service Administrative Interface Buffer Overflow Vulnerability

A buffer overflow vulnerability exists in the Web-based administrative interface of the Symantec Antivirus Scan Engine. This issue is due to improper bound checking of user-supplied data prior to copying it into an insufficiently sized memory buffer.

This vulnerability allows attackers to execute arbitrary machine code in the context of the affected application. This allows remote attackers to gain privileged remote access to computers running the affected application.