A flaw in the Symantec's desktop antivirus for corporations could allow
an attacker to compromise a victim's system without relying on any user
interaction, security firm eEye Digital Security said in an advisory
posted this week.
The security firm published an upcoming advisory on the vulnerability on Thursday, a day after notifying Symantec of the flaw. The flaw
affects Symantec Antivirus 10.x and Symantec Client Security 3.x,
according to the eEye's tests. Symantec, which confirmed the
vulnerability on Friday, stressed that it does not affect any of its
consumer desktop security products. (SecurityFocus is owned by
Symantec.)