Skip to main content

Symantec Antivirus products CAB files Vulnerability

Last Update Date: 6 Nov 2012 10:33 Release Date: 6 Nov 2012 5716 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in multiple Symantec Antivirus products, which can be exploited by a remote, unauthenticated attacker to execute arbitrary code with SYSTEM privileges.

 

The CAB file decomposer component that is used by multiple Symantec Antivirus products fails to properly handle malformed CAB files, which can result in memory corruption. Successful exploitation may result in arbitrary code execution as the result of a file being scanned.


Impact

  • Remote Code Execution

System / Technologies affected

  • Symantec Endpoint Protection 11 uses dec_abi.dll
  • Symantec Scan Engine 5.2 uses Dec2CAB.dll

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to Symantec Endpoint Protection 12

Vulnerability Identifier

  • No CVE information is available

Source


Related Link