Vulnerability in Symantec Antivirus_scan_engine
CVE-2005-0249
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
EPSS: 0.188 (96.9th percentile) — read the EPSS interpretation.
Affected products
- Symantec Antivirus_scan_engine
- Symantec Brightmail_antispam — versions 4.0, 5.5
- Symantec Client_security — versions 1.0.1_build_8.01.434, 1.0.1_build_8.01.437, 1.0.1_build_8.01.446
- Symantec Gateway_security — versions 1.0, 2.0, 2.0.1
- Symantec Mail_security — versions 4.0, 4.1, 4.5_build_719
- Symantec Norton_antivirus — versions 2.18_build_83, 8.1.1.319, 8.1.1.323
- Symantec Norton_internet_security — versions 2004
- Symantec Norton_system_works — versions 2004
- Symantec Sav_filter_domino_nt_ports — versions build3.0.5
- Symantec Sav_filter_for_domino_nt — versions 3.1.1
References
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, Patch, Third Party Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_ISS, Patch, Vendor Advisory, third-party-advisory)
- cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (VDB Entry, vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)