In association with heise online

27 February 2008, 14:46

Security update for several Symantec antivirus products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Symantec has released an update for a number of its antivirus products to correct two vulnerabilities in the Symantec Scan Engine when handling RAR files. The Scan Engine is a standalone scanner that communicates with other programs across a network. It listens on TCP port 1344 and accepts files for scanning using the Internet Content Adaptation Protocol (ICAP).

According to the advisory, malformed RAR files can provoke a buffer overflow that could allow arbitrary code to be written and executed on a computer. A second vulnerability can cause excessive memory usage, leading to system instability. The problem affects Symantec Scan Engine up to and including Version, which is incorporated in many server-based products; a full list is given in the advisory.

The update is already being distributed via LiveUpdate.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit