Symantec AntiVirus Remote Stack Buffer Overflow Vulnerability

Reports indicate that the worms 'W32.Spybot.ACYR' and 'W32.Spybot.AMTE' may be exploiting this issue in the wild.

An exploit is available to members of the Immunity Partner's program:

https://www.immunityinc.com/downloads/immpartners/symantec_rm.tar

This issue is actively being exploited in the wild by 'W32.Sagevo'. A recent spike of exploit activity is also reported.

UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.


 

Privacy Statement
Copyright 2010, SecurityFocus