Symantec vulnerability discovered - and fixed

Buffer overflow vulnerability found in corporate AV software.

Symantec was quick to respond late last month to the discovery of a potentially critical vulnerability in the latest versions of its corporate anti-virus software.

Securasia Congress 2009

The stack overflow vulnerability, which was discovered by researchers at eEye Digital Security in Symantec Client Security 3.x and Symantec AntiVirus Corporate Edition 10.x, would potentially allow remote attackers to execute code on the affected machine - without any user interaction.

Symantec responded to the discovery by releasing a series of intrusion prevention signatures for the affected versions of the software. The company was also quick to point out that it was not aware of any customers affected by the vulnerability, or of any exploits of the vulnerability.

01 June 2006

Tags:    del.icio.us  digg this! digg this

Poll

Who in your company is responsible for installing software patches?
System administrators
End users
I don't know

Leave a comment
Jobs Recruit Sidebar

VB2009

VB2009 VB2009 will take place 23-25 September 2009 at the Crowne Plaza Geneva, Switzerland. VB is currently seeking submissions from those wishing to present papers at VB2009. Full details are in the call for papers.
Virus Bulletin currently has 148,295 registered users.