eEye Digital Security has reported a vulnerability in Symantec Client Security and Symantec AntiVirus Corporate Edition, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the remote management interface when processing "COM_FORWARD_LOG" commands. This can be exploited to cause a stack-based buffer overflow via a specially crafted "COM_FORWARD_LOG" command sent to port 2967/tcp.
Successful exploitation allows execution of arbitrary code with SYSTEM privileges.
Solution: Apply patches (see patch matrix in vendor advisory).
Provided and/or discovered by: Derek Soeder, eEye Digital Security.
Original Advisory: Symantec:
eEye Digital Security:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org