This application requires Javascript for optimal performance.

Symantec.Intel.Alert.Originator.Service.Buffer.Overflow

Release Date

Jun 23, 2009

Severity

critical

Impact

System Compromise

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Symantec Alert Originator Service component shipped with Symantec Client Security software.

The vulnerability is caused by an error when the vulnerable software handles a specially crafted packet. It allows a remote attacker to execute arbitrary code.

Affected Products

Symantec AntiVirus Corporate Edition version 9.0 MR6 and prior
Symantec AntiVirus Corporate Edition version 10.0 (all versions)
Symantec AntiVirus Corporate Edition version 10.1 MR7 and prior
Symantec AntiVirus Corporate Edition version 10.2 MR1 and prior

Recommended Actions

Apply the patch supplied by the vendor:
http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090428_02

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-1430

Reference/s

http://www.frsirt.com/english/advisories/2009/1204 (FrSIRT)
http://www.securityfocus.com/bid/34674 (BugTraq)
http://www.securityfocus.com/bid/34672 (BugTraq)

Reference: VID-17475