Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:SYM-AV-RAR-BO

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Symantec AntiVirus RAR Archive Decompression Buffer Overflow

Release Date

 2010/09/17

Update Number

 1775

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Symantec AntiVirus RAR Archive Decompression Buffer Overflow


This signature detects attempts to exploit a known vulnerability in Symantec AntiVirus. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.

Extended Description

The Symantec antivirus library is prone to multiple heap-based buffer-overflow vulnerabilities. Attackers could exploit this vulnerability to compromise computers running applications that use the affected library. The issue occurs in the RAR archive decompression routines. The issue may affect all platforms running applications that use the library, including Microsoft Windows and Mac OS X releases of the applications. Symantec is currently investigating this issue. Note that the issue could affect third-party applications that include the library.

Affected Products

  • Symantec AntiSpam for SMTP 3.1.0
  • Symantec AntiVirus Corporate Edition 10.0.0
  • Symantec AntiVirus/Filtering for Domino NT 3.1.0
  • Symantec AntiVirus/Filtering for Domino NT 3.1.0 build 3.1.1
  • Symantec AntiVirus/Filtering for Domino NT 3.1.1
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0 (AIX) build 3.0.5
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0 (Linux) build 3.0.5
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0 (OS400) build 3.0.5
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0 (S390)
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.0 (Solaris)build 3.0.5
  • Symantec AntiVirus/Filtering for Domino Ports 3.0.11
  • Symantec AntiVirus for Handhelds 3.0.0
  • Symantec AntiVirus for Handhelds 3.0.0 .0.194
  • Symantec AntiVirus for Handhelds Corporate Edition 3.0.0
  • Symantec Antivirus for MS Office SharePoint Portal Server 2003
  • Symantec AntiVirus for SMTP 3.1.0
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.1
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.2
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.3
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.4
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.5
  • Symantec AntiVirus for SMTP 3.1.0 build 3.1.6
  • Symantec AntiVirus for SMTP 3.1.7
  • Symantec AntiVirus for SMTP 4.0.0
  • Symantec AntiVirus for SMTP 4.1.9
  • Symantec AntiVirus Scan Engine 4.0.0
  • Symantec AntiVirus Scan Engine 4.1.0
  • Symantec AntiVirus Scan Engine 4.1.8
  • Symantec AntiVirus Scan Engine 4.3.0
  • Symantec AntiVirus Scan Engine 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine 4.3.0 build 4.3.7.27
  • Symantec AntiVirus Scan Engine 4.3.0 build 4.3.8.29
  • Symantec AntiVirus Scan Engine 4.3.12
  • Symantec AntiVirus Scan Engine 4.3.3
  • Symantec AntiVirus Scan Engine 5.0.1
  • Symantec AntiVirus Scan Engine for Bluecoat 4.0.0
  • Symantec AntiVirus Scan Engine for Bluecoat 4.3.0
  • Symantec AntiVirus Scan Engine for Bluecoat 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine for Bluecoat 4.3.12
  • Symantec AntiVirus Scan Engine for Caching 4.3.0
  • Symantec AntiVirus Scan Engine for Caching 4.3.12
  • Symantec AntiVirus Scan Engine for Clearswift 4.0.0
  • Symantec AntiVirus Scan Engine for Clearswift 4.3.0
  • Symantec AntiVirus Scan Engine for Clearswift 4.3.12
  • Symantec AntiVirus Scan Engine for Filers 4.3.0
  • Symantec AntiVirus Scan Engine for Filers 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine for ISA 4.3.0
  • Symantec AntiVirus Scan Engine for ISA 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine for ISA 4.3.12
  • Symantec AntiVirus Scan Engine for Messaging 4.3.12
  • Symantec AntiVirus Scan Engine for Microsoft Portal 4.3.0
  • Symantec AntiVirus Scan Engine for Microsoft SharePoint 4.3.12
  • Symantec AntiVirus Scan Engine for Netapp Filer 4.0.0
  • Symantec AntiVirus Scan Engine for Netapp Filer 4.3.0
  • Symantec AntiVirus Scan Engine for Netapp Filer 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine for Netapp Filer 4.3.12
  • Symantec AntiVirus Scan Engine for Netapp NetCache 4.0.0
  • Symantec AntiVirus Scan Engine for Netapp NetCache 4.3.0
  • Symantec AntiVirus Scan Engine for Netapp NetCache 4.3.0 build 4.3.3
  • Symantec AntiVirus Scan Engine for Netapp NetCache 4.3.12
  • Symantec AntiVirus Scan Engine for Network Attached Storage 4.3.12
  • Symantec Brightmail Anti-Spam 4.0.0
  • Symantec Brightmail Anti-Spam 5.5.0
  • Symantec Brightmail Anti-Spam 6.0.0
  • Symantec Brightmail Anti-Spam 6.0.1
  • Symantec Brightmail Anti-Spam 6.0.2
  • Symantec Clientless VPN Gateway 4400 Series 5.0.0
  • Symantec Client Security 3.0.0
  • Symantec Client Security for Nokia Communicator
  • Symantec Enterprise Firewall 8.0.0
  • Symantec Enterprise Firewall 8.0.0 NT/2000
  • Symantec Enterprise Firewall 8.0.0 Solaris
  • Symantec Firewall/VPN Appliance 100
  • Symantec Firewall/VPN Appliance 200
  • Symantec Gateway Security 1.0.0
  • Symantec Gateway Security 300 2.0.0
  • Symantec Gateway Security 400 2.0.0
  • Symantec Gateway Security 5000 Series 3.0.0
  • Symantec Gateway Security 5200 1.0.0
  • Symantec Gateway Security 5300 1.0.0
  • Symantec Gateway Security 5300
  • Symantec Gateway Security 5310 1.0.0
  • Symantec Gateway Security 5400 2.0.0
  • Symantec Gateway Security 5400 2.0.1
  • Symantec Gateway Security 5440
  • Symantec I-Gear MS Proxy 3.5.0
  • Symantec Mail Security for Domino 4.0.0
  • Symantec Mail Security for Domino 4.0.0 build 4.0.1
  • Symantec Mail Security for Domino 4.0.1
  • Symantec Mail Security for Domino 4.1.0
  • Symantec Mail Security for Domino 4.1.4
  • Symantec Mail Security for Microsoft Exchange 4.0.0
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 456
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 463
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 465
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 736
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 741
  • Symantec Mail Security for Microsoft Exchange 4.0.0 build 743
  • Symantec Mail Security for Microsoft Exchange 4.5.0
  • Symantec Mail Security for Microsoft Exchange 4.5.0 build 4.5.4.743
  • Symantec Mail Security for Microsoft Exchange 4.5.0 build 719
  • Symantec Mail Security for Microsoft Exchange 4.5.0 build 736
  • Symantec Mail Security for Microsoft Exchange 4.5.0 build 741
  • Symantec Mail Security for Microsoft Exchange 4.5.0 build 743
  • Symantec Mail Security for Microsoft Exchange 4.6.0 build 4.6.1.107
  • Symantec Mail Security for Microsoft Exchange 4.6.0 build 97
  • Symantec Mail Security for Microsoft Exchange 4.6.3
  • Symantec Mail Security for Microsoft Exchange 5.0.0
  • Symantec Mail Security for SMTP 4.0.0
  • Symantec Mail Security for SMTP 4.0.0 build 4.0.2
  • Symantec Mail Security for SMTP 4.0.0 build 4.0.5.66
  • Symantec Mail Security for SMTP 4.0.0 build 4.1.4.30
  • Symantec Mail Security for SMTP 4.0.2
  • Symantec Mail Security for SMTP 4.1.0
  • Symantec Norton AntiVirus 2001
  • Symantec Norton AntiVirus 2001 Professional Edition
  • Symantec Norton AntiVirus 2002
  • Symantec Norton AntiVirus 2002 Professional Edition
  • Symantec Norton Antivirus 2003
  • Symantec Norton AntiVirus 2003 Professional Edition
  • Symantec Norton AntiVirus 2004
  • Symantec Norton Antivirus 2004 for Macintosh
  • Symantec Norton AntiVirus 2004 Professional Edition
  • Symantec Norton AntiVirus 2005 11.0.0
  • Symantec Norton AntiVirus 2005 11.0.9
  • Symantec Norton AntiVirus 2005
  • Symantec Norton AntiVirus 2005 Professional Edition
  • Symantec Norton AntiVirus 2006
  • Symantec Norton Antivirus 7.0 for Macintosh
  • Symantec Norton Antivirus 8.0 for Macintosh
  • Symantec Norton Antivirus 9.0 for Macintosh
  • Symantec Norton AntiVirus Corporate Edition 7.0.0
  • Symantec Norton AntiVirus Corporate Edition 7.2.0
  • Symantec Norton AntiVirus Corporate Edition 7.5.0
  • Symantec Norton AntiVirus Corporate Edition 7.51.0
  • Symantec Norton AntiVirus Corporate Edition 7.6.0
  • Symantec Norton AntiVirus Corporate Edition 7.60.build 926
  • Symantec Norton AntiVirus Corporate Edition 7.61.0
  • Symantec Norton AntiVirus Corporate Edition 8.0.0
  • Symantec Norton AntiVirus for Internet Email Gateways 1.0.0
  • Symantec Norton Antivirus for Macintosh 10.0.0 .0
  • Symantec Norton Antivirus for Macintosh 10.0.1
  • Symantec Norton Antivirus for Macintosh 10.9.1
  • Symantec Norton Antivirus for Macintosh 9.0.0 .0
  • Symantec Norton Antivirus for Macintosh 9.0.1
  • Symantec Norton Antivirus for Macintosh 9.0.2
  • Symantec Norton Antivirus for Macintosh 9.0.3
  • Symantec Norton Antivirus for Macintosh Corporate Edition 9.0.0
  • Symantec Norton AntiVirus for Microsoft Exchange 2.18.0 build 83
  • Symantec Norton AntiVirus for MS Exchange 1.5.0
  • Symantec Norton AntiVirus for MS Exchange 2.0.0
  • Symantec Norton AntiVirus for MS Exchange 2.1.0
  • Symantec Norton AntiVirus for MS Exchange 2.18.82
  • Symantec Norton AntiVirus for MS Exchange 2.18.85
  • Symantec Norton AntiVirus for MS Exchange 2.18.88
  • Symantec Norton AntiVirus for MS Exchange 2.5.0
  • Symantec Norton Internet Security 2001
  • Symantec Norton Internet Security 2001 Professional Edition
  • Symantec Norton Internet Security 2002
  • Symantec Norton Internet Security 2002 Professional Edition
  • Symantec Norton Internet Security 2003
  • Symantec Norton Internet Security 2004 Professional Edition
  • Symantec Norton Internet Security 2005 Professional Edition
  • Symantec Norton Internet Security 2006 Professional Edition
  • Symantec Norton Internet Security for Macintosh 2.0
  • Symantec Norton Internet Security for Macintosh 3.0
  • Symantec Norton Personal Firewall 2004
  • Symantec Norton Personal Firewall 2005
  • Symantec Norton Personal Firewall 2006
  • Symantec Norton Personal Firewall for Macintosh 3.1.0
  • Symantec Norton SystemWorks 2004
  • Symantec Norton System Works 2004 for Macintosh
  • Symantec Norton SystemWorks 2004 Professional Edition
  • Symantec Norton System Works 2005 11.0.0
  • Symantec Norton System Works 2005 11.0.9
  • Symantec Norton System Works 2005 Premier
  • Symantec Norton System Works 2005 Premier
  • Symantec Norton System Works 2006
  • Symantec Norton System Works 7.0 for Macintosh
  • Symantec Norton System Works for Macintosh 3.0
  • Symantec Web Security 3.0.1
  • Symantec Web Security 3.0.1 .70
  • Symantec Web Security 3.0.1 build 3.01.59
  • Symantec Web Security 3.0.1 build 3.01.60
  • Symantec Web Security 3.0.1 build 3.01.61
  • Symantec Web Security 3.0.1 build 3.01.62
  • Symantec Web Security 3.0.1 build 3.01.63
  • Symantec Web Security 3.0.1 build 3.01.67
  • Symantec Web Security 3.0.1 build 3.01.68
  • Symantec Web Security 3.0.1 build 3.0.1.70
  • Symantec Web Security 3.0.1 build 3.0.1.72
  • Symantec Web Security 3.0.1 build 3.0.1.74
  • Symantec Web Security 3.0.1 Build 62

References

  • BugTraq: 15971
  • CVE: CVE-2005-4438
  • URL: http://www.kb.cert.org/vuls/id/305272

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out