Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-5309

CWE-125 — Out-of-bounds Read4 documents4 sources

Severity

5.5MEDIUM

EPSS

8.0%

top 7.89%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Csapi Symantec Endpoint Protection Symantec Endpoint Protection FOR Small Business +6 more

Timeline

PublishedApr 14

Latest updateMay 13

Description

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection (SEP) for Windows before 12.1.6 MP5; Symantec Endpoint Protection (SEP) for Mac; Symantec Endpoint Protection (SEP) for Linux before 12.1.6 MP6; Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud); Symantec Endpoint Protection Cloud (SEPC) for Windows/Ma…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages6 packages

▶NVDsymantec/endpoint_protection12.1.4+1

▶NVDsymantec/protection_engine7.0.5+7

▶NVDsymantec/protection5 versions+4

▶NVDsymantec/mail_security8.0.9+12

▶NVDsymantec/messaging_gateway10.6.1+2

Patches

Patch: bugs.chromium.org ↗Patch: bugs.chromium.org ↗

🔴Vulnerability Details

GHSA

GHSA-v822-2p42-8376: The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security↗2022-05-13

▶

CVEList

CVE-2016-5309: The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network (ATP); Symantec Email Security↗2017-04-14

▶

💥Exploits & PoCs

Exploit-DB

Symantec RAR Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write↗2016-09-21

▶