SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Norton Internet Security Vendors:   Symantec
(Symantec Issues Fix for Norton Internet Security) Norton Anti-Virus Flaws in Symantec Decomposer Engine Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1036200
SecurityTracker URL:  http://securitytracker.com/id/1036200
CVE Reference:   CVE-2016-2207, CVE-2016-2209, CVE-2016-2210, CVE-2016-2211, CVE-2016-3644, CVE-2016-3645, CVE-2016-3646   (Links to External Site)
Date:  Jun 30 2016
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to NGC 22.7
Description:   Multiple vulnerabilities were reported in Norton Anti-Virus and other Norton products. A remote user can execute arbitrary code on the target system. Norton Internet Security is affected.

A remote user can create a specially crafted file that, when processed by the target Symantec Decomposer engine, will trigger an integer overflow, memory access error, or memory corruption error and execute arbitrary code on the target system.

RAR file decompression is affected [CVE-2016-2207].

The Dec2SS component is affected [CVE-2016-2209].

The Dec2LHA component is affected [CVE-2016-2210].

CAB decompression is affected [CVE-2016-2211].

MIME processing is affected [CVE-2016-3644].

TNEF processing is affected [CVE-2016-3645].

ZIP decompression is affected [CVE-2016-3646].

Multiple Norton products are affected:

Norton AntiVirus
Norton Security
Norton Security with Backup
Norton Internet Security
Norton 360
Norton Security for Mac
Norton Power Eraser
Norton Bootable Removal Tool

Tavis Ormandy with Google's Project Zero reported these vulnerabilities.

Impact:   A remote user can create a file that, when processed by the target application, will execute arbitrary code on the target system.
Solution:   Symantec has issued a fix for Norton Internet Security (NGC 22.7).

The Symantec advisory is available at:

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

Vendor URL:  www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00 (Links to External Site)
Cause:   Access control error, Boundary error
Underlying OS:  Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Jun 29 2016 Norton Anti-Virus Flaws in Symantec Decomposer Engine Let Remote Users Execute Arbitrary Code



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC