News source: rem0te.com
Symantec Antivirus Heap Overflow Advisory
Security researcher Alex Wheeler has released an advisory that could potentially affect a large portion of Symantec's antivirus products including gateway, server, and client versions on most platforms. The flaw occurs during the decompression process when scanning RAR files. During this process the affected systems can experience multiple heap overflows allowing attackers complete control of the system(s). This flaw can be exploited remotely and without any user interaction through protocols such as SMTP. Wheeler warns that in default configurations users are likely vulnerable regardless of whether they choose to open or read an infected e-mail. Wheeler also recommends disabling scanning of RAR files until this vulnerability is fixed.
News source: rem0te.com