Description
Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
Product(s):
- Symantec Symantec AntiVirus Scan Engine 4.3.7.27
- Symantec Mail Security 4.0.5.66 for SMTP
- Symantec Mail Security 4.5.4.743 for Exchange
- Symantec Norton Antivirus 2005_11.0.0
- Symantec Norton Internet Security 2005 Contains NAV 11.0.0
- Symantec Norton System Works 2005 Contains NAV 11.0.0
- Symantec SymAV Filter Domino NT 3.1.1.87
- Symantec Web Security 3.0.1.72
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-1346, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-1346 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.