News
[Security]| Friday 29th February 2008 |
Products such as Symantec AntiVirus for Network Attached Storage and Mail Security for Microsoft Exchange contain an error with the Decomposer engine (the software that uncompresses files), which could result in malicious code causing systems to crash.
"The first issue is triggered when it receives malicious content," reads an advisory on Symantec's website. "If sufficiently malformed, this could possibly cause large amounts of memory to be consumed which could result in a Denial of Service.
"The second issue is a buffer overflow that can cause the decomposer to crash causing a Denial of Service condition and the potential for remote code execution."
The company says it has solved the problem and advises IT managers to update their software to the latest version to ensure they are not affected. Customers running the LiveUpdate service will have already received the patch.
"Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue," the advisory claims.
Submit to: Digg | Slashdot | Del.icio.us | Technorati
Typical IT salary in the UK is £39K. Get fantastic IT training to find a career in IT. Apply today.
Buy Symantec Software at PC World
Protect yourself online with our great range of Symantec Internet Security and Anti-Virus offers. Reserve online and Collect@Store.
