iDEFENSE Labs has notified Symantec about a remotely exploitable buffer overflow vulnerability in the Symantec AntiVirus
Scan Engine that can allow remote attackers to execute arbitrary code. The iDEFENSE Advisory says "A remote attacker can send a specially crafted HTTP request to the
administrative Scan Engine Web Wervice on port 8004 to crash the service or
execute arbitrary code."
Patch today folks. Symantec's Advisory, (with patch and mitigation information) states the "Risk Impact" is High. Affected versions listed are;
Non-Affected Product(s)
|
Patrick 193 Posts Oct 5th 2005 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Thread locked Subscribe |
Oct 5th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!