Symantec AntiVirus Engine Vulnerable
15 Comments
Symantec has issued an advisory on a security vulnerability discovered within the web-based Administrative Interface of its AntiVirus Scan Engine. The flaw could lead to a buffer overflow that enables a remote attacker to execute arbitrary code and access a system.
Security firm iDefense discovered the problem, which is only a risk if the Web interface is enabled and open to outsiders. Symantec has issued a patch for the AntiVirus Scan Engine that can be downloaded through its support site. The company says it is unaware of any customers that were affected by the flaw.