Multiple.Symantec.Products.Remote.Code.Execution.Vulnerability

description-logoDescription

Symantec Endpoint Protection is an antivirus and firewall product designed for corporate use.
A flaw exists in which the decomposer engine does not perform proper bound checking of the contents of CAB archives. A remote attacker could use a specially crafted CAB archive to cause a denial of service in the form of an application crash or, possibly, execute arbitrary code (CVE-2012-4953)

affected-products-logoAffected Products

Versions of Symantec Endpoint Protection prior to 11.0
Versions of Symantec Endpoint Protection Small Business Edition prior to 12.0
Versions of Symantec AntiVirus Corporate Edition (SAVCE) prior to 10
Versions of Symantec Scan Engine (SSE) prior to 5.2.7.x

Impact logoImpact

This vulnerability could allow a remote attacker to cause a denial of service in the form of an application crash or, possibly, execute arbitrary code.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)