In association with heise online

29 October 2007, 21:58

Holes in Symantec Mail Security products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Symantec's Mail Security for Exchange, Domino, and SMTP contain a number of vulnerabilities in the parsing of files that can reportedly be exploited to compromise a system. According to Secunia, the problem is based on the same flaws recently reported in Lotus Notes: in File Viewer, manipulated documents provoke a buffer overflow that allows code to be copied onto the stack and executed.

Both Symantec's and IBM's File Viewer are reportedly based on Verity Keyview SDK, in which the files/modules mifsr.dll, awsr.dll, kpagrdr.dll, exesr.dll, rtfsr.dll, mwsr.dll and exesr.dll are reportedly vulnerable. However, the product has to be configured to analyze Word or FrameMaker attachments for the flaws to be exploited. The problem was quietly patched for Windows, Linux, and Solaris versions with patch 181 and 182 for version 5.0.1 of Mail Security for SMTP. On the other hand, there are no updates for the vulnerable Exchange version 5.0.7.373 and Domino version 7.5.0.19. Version 6 of Mail Security for Exchange is, however, available, though it is not clear whether this version is also vulnerable.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-733860
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit