Anti-virus vendor Symantec Corp. has publicly acknowledged that a
high-risk buffer overflow vulnerability in its AntiVirus Library could
lead to code execution attacks when RAR archive files are scanned.
Fri, Dec 23 2005 7:54
Symantec Confirms AV Library Flaw, Promises Patches
One day after private security researcher Alex Wheeler flagged the issue as a serious risk, Symantec issued an advisory of its own, confirming the vulnerability exists in 64 enterprise and consumer-facing products.
"Symantec is currently working to create and distribute product updates for all affected products," the company said in a note to customers.
Related Story: http://msmvps.com/blogs/donpatterson/archive/2005/12/20/79539.aspx
Filed under: News