Buffer overflow in Symantec Antivirus_scan_engine

CVE-2007-0447

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

Vulnerability class: Buffer Overflow

EPSS: 0.060 (92.3th percentile) — read the EPSS interpretation.

Affected products

Symantec Antivirus_scan_engine — versions 4.0, 4.1, 4.1.8
Symantec Brightmail_antispam — versions 4.0, 5.5, 6.0
Symantec Client_security — versions 2.0, 2.0.1_build_9.0.1.1000, 2.0.2_build_9.0.2.1000
Symantec Gateway_security_5000_series — versions 3.0.1
Symantec Gateway_security_5400 — versions 2.0.1
Symantec Mail_security — versions 4.0, 4.0.1, 4.1
Symantec Mail_security_8820_appliance
Symantec Norton_antivirus — versions 9.0, 9.0.0, 9.0.0.338
Symantec Norton_internet_security — versions 3.0, 2004, 2005
Symantec Norton_personal_firewall — versions 2006, 2006_9.1.0.33, 2006_9.1.1.7

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_VUPEN)
cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Patch)
cve@mitre.org (vdb-entry, x_refsource_BID)