Symantec Norton System Works AutoProtect Errors May Let Local or Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1013585 |
|
SecurityTracker URL: http://securitytracker.com/id/1013585
|
|
CVE Reference:
CVE-2005-0922, CVE-2005-0923
(Links to External Site)
|
Updated: Jul 7 2008
|
Original Entry Date: Mar 29 2005
|
Impact:
Denial of service via local system, Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2004, 2005
|
Description:
Two vulnerabilities were reported in Symantec's Norton System Works in the AutoProtect feature. A user can create a file or modify a filename to cause the target system to crash.
A user can create a specially crafted file of a specific file type. Then, when the AutoProtect feature performs a real time scan of the file, the system will crash. The file itself is not otherwise malicious. This flaw occurs in the 2004 and 2005 product versions.
If the SmartScan feature is enabled and a certain type of file stored on a network share has its filename modified, the SmartScan analysis of the filename modification may cause the SmartScan process to consume excessive CPU resources. The system may crash as a result. This flaw occurs in the 2005 product version.
The vendor credits Mr. Isamu Noguchi, the Information-Technology Promotion Agency-Japan, and JPCERT with reporting these vulnerabilities.
|
Impact:
A local or remote user can create or modify a file to cause the target system to crash. For example, the file can be created by a remote user and delivered to the target system by e-mail or a web or file server.
|
Solution:
A fix is available via LiveUpdate.
|
Vendor URL: securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html (Links to External Site)
|
Cause:
Exception handling error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
|
|
[Original Message Not Available for Viewing]
|
|
