SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Norton Anti-Virus Vendors:   Symantec
Norton Anti-Virus Flaws in Symantec Decomposer Engine Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1036199
SecurityTracker URL:  http://securitytracker.com/id/1036199
CVE Reference:   CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646   (Links to External Site)
Date:  Jun 29 2016
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to NGC 22.7
Description:   Multiple vulnerabilities were reported in Norton Anti-Virus and other Norton products. A remote user can execute arbitrary code on the target system.

A remote user can create a specially crafted file that, when processed by the target Symantec Decomposer engine, will trigger an integer overflow, memory access error, or memory corruption error and execute arbitrary code on the target system.

RAR file decompression is affected [CVE-2016-2207].

The Dec2SS component is affected [CVE-2016-2209].

The Dec2LHA component is affected [CVE-2016-2210].

CAB decompression is affected [CVE-2016-2211].

MIME processing is affected [CVE-2016-3644].

TNEF processing is affected [CVE-2016-3645].

ZIP decompression is affected [CVE-2016-3646].

Multiple Norton products are affected:

Norton AntiVirus
Norton Security
Norton Security with Backup
Norton Internet Security
Norton 360
Norton Security for Mac
Norton Power Eraser
Norton Bootable Removal Tool

Tavis Ormandy with Google's Project Zero reported these vulnerabilities.

Impact:   A remote user can create a file that, when processed by the target application, will execute arbitrary code on the target system.
Solution:   The vendor has issued a fix (NGC 22.7; available via LiveUpdate).

The vendor's advisory is available at:

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

Vendor URL:  www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 (Links to External Site)
Cause:   Access control error, Boundary error
Underlying OS:  Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jun 30 2016 (Symantec Issues Fix for Norton Internet Security) Norton Anti-Virus Flaws in Symantec Decomposer Engine Let Remote Users Execute Arbitrary Code
Symantec has issued a fix for Norton Internet Security.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC