|
 |
|
Symantec Mail Security Attachment Parsing Vulnerabilities
|
|
|
|
|
Secunia Advisory:
|
SA29342
|
|
|
Release Date:
|
2008-04-08
|
|
Last Update:
|
2008-04-09
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Symantec Mail Security Appliance 5.0.x
|
| | Software: | Symantec Mail Security for Domino 7.x
Symantec Mail Security for SMTP 5.x
|
| | CVE reference: | CVE-2007-5405 (Secunia mirror)
CVE-2007-5406 (Secunia mirror)
CVE-2007-6020 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Secunia Research has discovered some vulnerabilities in Symantec Mail Security products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to various errors within the third-party Folio Flat File reader (foliosr.dll) and Applix Graphics reader (kpagrdr.dll) and can be exploited to cause buffer overflows when a specially crafted file is checked.
For more information:
SA28209
Successful exploitation allows execution of arbitrary code, but requires that e.g. a policy is set up for scanning the contents of messages.
The vulnerabilities are confirmed in Symantec Mail Security version 5.0.1 with Patch 187 and Symantec Mail Security for Domino 7.5.0.19. Other versions may also be affected.
Solution:
Symantec Mail Security for SMTP 5.0.0:
Update to version 5.0.1 Patch 189.
Symantec Mail Security for SMTP 5.01:
Apply Patch 189.
Symantec Mail Security for Domino:
Update to version 7.5.3.25.
Symantec Mail Security Appliance:
Update to version 5.0.0-36 or later.
Provided and/or discovered by:
Dyon Balding, Secunia Research.
Changelog:
2008-04-09: Updated advisory based on additional information from the vendor.
Original Advisory:
SYM08-010:
http://securityresponse.symantec.com/avcenter/security/Content/2008.04.08e.html
Secunia Research:
http://secunia.com/secunia_research/2007-98/
http://secunia.com/secunia_research/2007-105/
Other References:
SA28209:
http://secunia.com/advisories/28209/
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
7 Related Secunia Security Advisories
|
|
|
1. Symantec Mail Security Lotus 1-2-3 File Viewer Buffer Overflows
|
|
2. Symantec Mail Security Appliance File Parsing Vulnerabilities
|
|
3. Symantec Mail Security for Domino File Parsing Vulnerabilities
|
|
4. Symantec Mail Security for SMTP File Parsing Vulnerabilities
|
|
5. Symantec Products CAB and RAR Archive Handling Vulnerabilities
|
|
6. Symantec Mail Security Executable Attachment Parsing Denial of Service
|
|
7. Symantec Mail Security for SMTP Message Handling Vulnerabilities
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
