CVE-2005-0249

3 documents3 sources

Severity

7.5HIGH

EPSS

10.6%

top 6.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Antivirus Scan Engine Symantec Brightmail Antispam Symantec Client Security +8 more

Timeline

PublishedFeb 8

Latest updateMay 1

Description

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages11 packages

▶NVDsymantec/antivirus_scan_engine< 4.3.3

▶NVDsymantec/norton_antivirus14 versions+13

▶NVDsymantec/sav_filter3.1.1

▶NVDsymantec/web_security7 versions+6

▶NVDsymantec/mail_security4.0, 4.1, 4.5_build_719+2

Patches

Patch: www.kb.cert.org ↗Patch: www.symantec.com ↗Patch: xforce.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-4xqg-rgj7-cf6v: Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed↗2022-05-01

▶

CVEList

CVE-2005-0249: Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed↗2005-02-08

▶