Symantec AntiVirus Malformed CAB and RAR Compression Remote Vulnerabilities

Symantec AntiVirus products that include the Symantec Decomposer are prone to multiple remote vulnerabilities related to the handling of CAB and RAR archives. These issues include a denial-of-service vulnerability and a buffer-overflow vulnerability.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-level privileges or to cause the affected application to enter an infinite loop, resulting in a denial-of-service condition.


Privacy Statement
Copyright 2010, SecurityFocus