Symantec Products Client Proxy Remote Buffer Overflow Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
19 Feb 2010
5328
Views
RISK: Medium Risk
A vulnerability has been identified in various Symantec products, which could be exploited by remote attackers to compromise an affected system. This issue is caused by a buffer overflow error in the Client Proxy "CLIproxy.dll" ActiveX control when processing user-supplied data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
Impact
- Remote Code Execution
System / Technologies affected
- Symantec AntiVirus versions 10.0.x
- Symantec AntiVirus versions 10.1.x
- Symantec AntiVirus versions 10.2.x
- Symantec Client Security versions 3.0.x
- Symantec Client Security versions 3.1.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Symantec AntiVirus - Upgrade to version 10.1 MR9 or 10.2 MR4
- Symantec Client Security - Upgrade to version 3.1 MR9
Vulnerability Identifier
Source
Share with