CERTA-2005-AVI-062
Vulnerability from certfr_avis - Published: 2005-02-10 - Updated: 2005-02-10
Une vulnérabilité présente dans divers produits Symantec lors du traitement des fichiers compressés avec UPX permet l'exécution de code arbitraire à distance.
Description
Une vulnérabilité a été découverte dans le moteur DEC2EXE qui est utilisé par les anciennes versions des produits Symantec pour le traitement des fichiers compressés avec UPX. Un utilisateur mal intentionné peut, par l'intermédiaire d'un fichier compressé UPX habilement constitué, exécuter du code arbitraire à distance.
Le moteur DEC2EXE n'est plus utilisé dans les versions récentes des produits Symantec.
Solution
Appliquer le correctif de Symantec, disponible depuis la page :
http://www.symantec.com/techsupp
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Symantec | N/A | Symantec Norton System Works pour Macintosh 3.0. | ||
| Symantec | N/A | Symantec AntiVirus pour Caching versions antérieures à 4.3.3 ; | ||
| Symantec | N/A | Symantec Norton Internet Security 2004 (pro) pour Windows ; | ||
| Symantec | N/A | Symantec Norton System Works 2004 pour Windows ; | ||
| Symantec | N/A | Symantec BrightMail AntiSpam 5.5 ; | ||
| Symantec | N/A | Symantec AntiVirus pour Network Attached Storage versions antérieures à 4.3.3 ; | ||
| Symantec | N/A | Symantec AntiVirus Corporate Edition 9.0 versions antérieures à 9.01.1000 ; | ||
| Symantec | N/A | Symantec AntiVirus Scan Engine 4.3 versions antérieures à 4.3.3 ; | ||
| Symantec | N/A | Symantec Norton Antivirus 9.0 pour Macintosh ; | ||
| Symantec | N/A | Symantec Norton System Works 2004 pour Macintosh ; | ||
| Symantec | N/A | Symantec AntiVirus Corporate Edition 8.01, 8.1.1 ; | ||
| Symantec | N/A | Symantec AntiVirus/Filtering pour Domino Ports 3.0 (OS400, Linux, Solaris) versions antérieures à 3.0.7 ; | ||
| Symantec | N/A | Symantec AntiVirus/Filtering pour Domino NT 3.1 versions antérieures à 3.1.1 ; | ||
| Symantec | N/A | Symantec Norton Internet Security 2004 pour Macintosh ; | ||
| Symantec | N/A | Symantec BrightMail AntiSpam 4.0 ; | ||
| Symantec | N/A | Symantec Norton Antivirus 2004 pour Macintosh ; | ||
| Symantec | N/A | Symantec Web Security 3.0 versions antérieures à 3.0.1.70 ; | ||
| Symantec | N/A | Symantec Gateway Security 2.0, 2.0.1 - 5400 Series ; | ||
| Symantec | N/A | Norton AntiVirus pour Microsoft Exchange 2.1 versions antérieures à 2.18.85 ; | ||
| Symantec | N/A | Symantec Mail Security pour Microsoft Exchange 4.5 versions antérieures à 4.5.3 ; | ||
| Symantec | N/A | Symantec Norton Internet Security pour Macintosh 3.0 ; | ||
| Symantec | N/A | Symantec Norton Antivirus 2004 pour Windows ; | ||
| Symantec | N/A | Symantec Mail Security pour Domino 4.0 versions antérieures à 4.0.1 ; | ||
| Symantec | N/A | Symantec Mail Security pour Microsoft Exchange 4.0 versions antérieures à 4.0.10.465 ; | ||
| Symantec | N/A | Symantec AntiVirus/Filtering pour Domino Ports 3.0 (AIX) versions antérieures à 3.0.6 ; | ||
| Symantec | N/A | Symantec Client Security 1.0 ; | ||
| Symantec | N/A | Symantec Mail Security pour SMTP 4.0 versions antérieures à 4.0.2 ; | ||
| Symantec | N/A | Symantec AntiVirus pour SMTP 3.1 versions antérieures à 3.1.7 ; | ||
| Symantec | N/A | Symantec Client Security 2.0 versions antérieures à 9.01.1000 ; | ||
| Symantec | N/A | Symantec Gateway Security 1.0 - 5300 Series ; |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Norton System Works pour Macintosh 3.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus pour Caching versions ant\u00e9rieures \u00e0 4.3.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Internet Security 2004 (pro) pour Windows ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton System Works 2004 pour Windows ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec BrightMail AntiSpam 5.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus pour Network Attached Storage versions ant\u00e9rieures \u00e0 4.3.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus Corporate Edition 9.0 versions ant\u00e9rieures \u00e0 9.01.1000 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus Scan Engine 4.3 versions ant\u00e9rieures \u00e0 4.3.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Antivirus 9.0 pour Macintosh ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton System Works 2004 pour Macintosh ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus Corporate Edition 8.01, 8.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus/Filtering pour Domino Ports 3.0 (OS400, Linux, Solaris) versions ant\u00e9rieures \u00e0 3.0.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus/Filtering pour Domino NT 3.1 versions ant\u00e9rieures \u00e0 3.1.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Internet Security 2004 pour Macintosh ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec BrightMail AntiSpam 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Antivirus 2004 pour Macintosh ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Web Security 3.0 versions ant\u00e9rieures \u00e0 3.0.1.70 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Gateway Security 2.0, 2.0.1 - 5400 Series ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Norton AntiVirus pour Microsoft Exchange 2.1 versions ant\u00e9rieures \u00e0 2.18.85 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security pour Microsoft Exchange 4.5 versions ant\u00e9rieures \u00e0 4.5.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Internet Security pour Macintosh 3.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Norton Antivirus 2004 pour Windows ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security pour Domino 4.0 versions ant\u00e9rieures \u00e0 4.0.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security pour Microsoft Exchange 4.0 versions ant\u00e9rieures \u00e0 4.0.10.465 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus/Filtering pour Domino Ports 3.0 (AIX) versions ant\u00e9rieures \u00e0 3.0.6 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Client Security 1.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Mail Security pour SMTP 4.0 versions ant\u00e9rieures \u00e0 4.0.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec AntiVirus pour SMTP 3.1 versions ant\u00e9rieures \u00e0 3.1.7 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Client Security 2.0 versions ant\u00e9rieures \u00e0 9.01.1000 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Gateway Security 1.0 - 5300 Series ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le moteur DEC2EXE qui est\nutilis\u00e9 par les anciennes versions des produits Symantec pour le\ntraitement des fichiers compress\u00e9s avec UPX. Un utilisateur mal\nintentionn\u00e9 peut, par l\u0027interm\u00e9diaire d\u0027un fichier compress\u00e9 UPX\nhabilement constitu\u00e9, ex\u00e9cuter du code arbitraire \u00e0 distance.\n\nLe moteur DEC2EXE n\u0027est plus utilis\u00e9 dans les versions r\u00e9centes des\nproduits Symantec.\n\n## Solution\n\nAppliquer le correctif de Symantec, disponible depuis la page :\n\n http://www.symantec.com/techsupp\n",
"cves": [],
"initial_release_date": "2005-02-10T00:00:00",
"last_revision_date": "2005-02-10T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM05-005 du 08 f\u00e9vrier 2005 :",
"url": "http://www.sarc.com/avcenter/security/Content/2005.02.08.html"
}
],
"reference": "CERTA-2005-AVI-062",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2005-02-10T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans divers produits Symantec lors du\ntraitement des fichiers compress\u00e9s avec UPX permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans les produits Symantec",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Symantec SYM05-003 du 08 f\u00e9vrier 2005",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…