Critical Vulnerability in Symantec AV Engine Exploited by Just Sending an Email

  • 17 May 2016
  • 2 replies

Another problem over at Symantec.
 
By Eduard Kovacs on May 17, 2016

Symantec has updated its Antivirus Engine (AVE) to address a critical memory corruption vulnerability discovered by Google Project Zero researcher Tavis Ormandy.

The flaw, tracked as CVE-2016-2208, is related to how the Symantec AVE parses executable files packed by the ASPack executable file compressor. Many Symantec and Norton products are affected, including Symantec Endpoint Antivirus, Norton Antivirus, Symantec Email Security and Symantec Scan Engine.

The vulnerability can be remotely exploited for code execution by sending a specially crafted file to the victim - either via email or by sending them a link pointing to the file. Ormandy has developed a proof-of-concept (PoC) exploit which he released after Symantec patched the issue.

Full Article

2 replies

Userlevel 7
Symantec is always boosting how good they are.....now they need to clean up their act a bit and plug up this vulnerability.
Userlevel 7
A bit of a glaring mistake on the part of Symantec...clearly they took their eye off the ball with respect to this...LOL
