Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:23289
HistoryFeb 25, 2010 - 12:00 a.m.

VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow Vulnerability

2010-02-2500:00:00
vulners.com
4

VUPEN Security Research - Symantec Products "SYMLTCOM.dll" Buffer Overflow
Vulnerability

http://www.vupen.com/english/research.php

I. DESCRIPTION

VUPEN Vulnerability Research Team discovered a vulnerability in various
Symantec security products.

The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll
module when processing user-supplied data, which could be exploited by
remote attackers to execute arbitrary code by tricking a user into visiting
a specially crafted web page on a domain masqueraded as an authorized site.

II. AFFECTED PRODUCTS

Symantec N360 version 1.0
Symantec N360 version 2.0
Symantec Norton Internet Security 2006 through 2008
Symantec Norton AntiVirus 2006 through 2008
Symantec Norton SystemWorks 2006 through 2008
Symantec Norton Confidential 2006 through 2008
Symantec Client Security versions 3.0.x
Symantec Client Security versions 3.1.x

III. SOLUTION

Symantec Client Security - Upgrade to SCS 3.1 MR9

Norton Consumer products - Run LiveUpdate in interactive mode

IV. CREDIT

The vulnerabilities were discovered by VUPEN Security

V. ABOUT VUPEN Security

VUPEN is a leading IT security research company providing vulnerability
management services to allow enterprises and organizations to eliminate
vulnerabilities before they can be exploited, ensure security policy
compliance and meaningfully measure and manage risks.

VUPEN also provides research services for security vendors (antivirus,
IDS, IPS,etc) to supplement their internal vulnerability research efforts
and quickly develop vulnerability-based and exploit-based signatures,
rules, and filters, and proactively protect their customers against
potential threats.

  • VUPEN Vulnerability Notification Service:

http://www.vupen.com/english/services

  • VUPEN Exploits and In-Depth Vulnerability Analysis:

http://www.vupen.com/exploits

VI. REFERENCES

http://www.vupen.com/english/advisories/2010/0411
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100217_01
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0107

VII. DISCLOSURE TIMELINE

2008-04-07 - Vendor notified
2008-04-08 - Vendor response
2008-05-09 - Status update received
2008-06-10 - Status update received
2008-12-05 - Status update received
2010-02-18 - Patches available, public disclosure

Related for SECURITYVULNS:DOC:23289