Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > May 2006 > SYM06-010 - Symantec Client Security and Symantec AntiVirus Elevation of Privilege

May 2006

SYM06-010 - Symantec Client Security and Symantec AntiVirus Elevation of Privilege

ID: 00379
Ref: 371/2006
Date: 27 May 2006:23:17:51
Version: 1
Title: SYM06-010 - Symantec Client Security and Symantec AntiVirus Elevation of Privilege
Abstract: A stack overflow in Symantec Client Security and Symantec AntiVirus Corporate Edition could potentially allow a remote or local attacker to execute code on the affected machine.
Vendors affected: Symantec
Operating systems affected: Symantec
Applications affected: Symantec
Symantec was notified that Symantec Client Security and Symantec AntiVirus
Corporate Edition are susceptible to a potential stack overflow. Exploiting this
overflow successfully could potentially cause a system crash, or allow a remote
or local attacker to execute arbitrary code with System level rights on the
affected system.

Full details of the problem and mitigation advice is available from:
http://www.symantec.com/avcenter/security/Content/2006.05.25.html
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |