Intrusion Prevention

Symantec.AntiVirus.Engine.RAR.File.Parsing.DoS

Description

This indicates a possible exploit of a denial of service vulnerability in Symantec's AntiVirus Engine.
This flaw resides in a forged PACK_SIZE field of a RAR file header.

Affected Products

Symantec AntiVirus Engine.

Impact

Denial of service.

Recommended Actions

Symantec has issued an update to correct this vulnerability:
http://www.symantec.com/avcenter/security/Content/2007.07.11f.html

CVE References

CVE-2007-3699

Other References

ZDI-07-039