Symantec AntiVirus vulnerability found
Friday, May 26, 2006
 |
This page has been automatically archived by a robot, and is no longer publicly editable.
Got a correction? Add the template {{editprotected}} to the talk page along with your corrections, and it will be brought to the attention of the administrators. Please note that the listed sources may no longer be available online. |
Vulnerability allegedly affecting at least two versions of Symantec AntiVirus software has been found. The vulnerability requires no interaction from the end-user, and has the potential to grant complete system level access to an attacker, according to eEye Digital Security, the organization that originally discovered the vulnerability.
According to eEye, the Symantec AntiVirus 10.x and Symantec Client Security 3.x product lines are both vulnerable, and other Symantec products may be vulnerable as well.
Symantec released a brief statement early today, in which they confirmed that they have received a report pertaining to a "potential remotely exploitable vulnerability," but that it affected only AntiVirus Corporate Edition 10.x. The company denies that any of its 'Norton' line of consumer-grade products are affected.
Sources
- "eEye Vulnerability Assessment" — eEye Digital Security, May 24, 2006
- "Symantec AntiVirus 10.x Reported Vulnerability" — Symantec Corporation, May 25, 2006
- Wolfgang Gruener. "Symantec's antivirus software vulnerable to worms - security firm" — TG Daily, May 26, 2006