Symantec AntiVirus Corporate Edition Multiple Local Format String Vulnerabilities

Symantec AntiVirus Corporate Edition is prone to multiple format-string vulnerabilities because it fails to properly sanitize user-supplied input before using it in the format-specifier argument to a formatted-printing function.

Successfully exploiting these vulnerabilities may allow an attacker to execute arbitrary machine code with SYSTEM-level privileges. Attackers may also crash the Real Time Virus Scan service.


Privacy Statement
Copyright 2010, SecurityFocus