Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Производитель ПО
Наименование ПО
Symantec AntiVirus Corporate Edition
(10.0.1.1000, 10.0.1.1001, 10.0.1.1007, 10.0.1.1009, 10.0.2.2000, 10.0.2.2002, 10.0.2.2010, 10.0.2.2011, 10.0.2.2020, 10.0.2.2021, 10.1.0.394, 10.1.0.396, 10.1.0.400, 10.1.0.401)
Описание
Переполнение буфера в стеке в Symantec Antivirus и Client Security позволяет злоумышленникам, действующим удаленно, выполнить произвольный код.
Как исправить
Используйте рекомендации производителя:
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
Ссылки
EEYE (EEYEB-20060524): http://www.eeye.com/html/research/upcoming/20060524.html
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
BID (18107): http://www.securityfocus.com/bid/18107
SECTRACK (1016161): http://securitytracker.com/id?1016161
SECTRACK (1016162): http://securitytracker.com/id?1016162
BUGTRAQ (20060527 Symantec antivirus software exposes computers): http://www.securityfocus.com/archive/1/archive/1/435200/100/0/threaded
CERT-VN (VU#404910): http://www.kb.cert.org/vuls/id/404910
FRSIRT (ADV-2006-2005): http://www.frsirt.com/english/advisories/2006/2005
FULLDISC (20060526 new symantec vuln): http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
XF (symantec-antivirus-client-bo(26706)): http://xforce.iss.net/xforce/xfdb/26706
http://securityresponse.symantec.com/avcenter/security/Content/2006.05.25.html
BID (18107): http://www.securityfocus.com/bid/18107
SECTRACK (1016161): http://securitytracker.com/id?1016161
SECTRACK (1016162): http://securitytracker.com/id?1016162
BUGTRAQ (20060527 Symantec antivirus software exposes computers): http://www.securityfocus.com/archive/1/archive/1/435200/100/0/threaded
CERT-VN (VU#404910): http://www.kb.cert.org/vuls/id/404910
FRSIRT (ADV-2006-2005): http://www.frsirt.com/english/advisories/2006/2005
FULLDISC (20060526 new symantec vuln): http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046355.html
XF (symantec-antivirus-client-bo(26706)): http://xforce.iss.net/xforce/xfdb/26706