CVE-2005-0249 - Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attack

CVE-2005-0249

Summary

Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.

References

Vulnerable Configurations

cpe:2.3:a:symantec:antivirus_scan_engine:-:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:-:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.1.9:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.434:mr3:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.437:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.446:mr4:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.457:mr5:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.460:mr6:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.464:mr7:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.0.1_build_8.01.471:mr8:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr1_build_8.1.1.314a:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr2_build_8.1.1.319:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr3_build_8.1.1.323:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr4_build_8.1.1.329:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
cpe:2.3:a:symantec:client_security:1.1.1_mr5_build_8.1.1.336:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:1.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:2.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:gateway_security:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_458:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_459:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.1:build_461:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2.18_build_83:*:exchange:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.319:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.323:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1.329:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.1.1_build8.1.1.314a:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.434:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.437:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.446:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.457:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.460:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.464:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:8.01.471:*:corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:9.0:*:macintosh_corporate:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:norton_antivirus:2004:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_internet_security:2004:*:professional:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:norton_system_works:2004:*:windows:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:aix:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_domino_nt_ports:build3.0.5:*:os_400:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:sav_filter_for_domino_nt:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*
cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 20-09-2019 - 13:24)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

cert-vn	VU#107822
confirm	http://www.symantec.com/avcenter/security/Content/2005.02.08.html
iss	20050208 Symantec AntiVirus Library Heap Overflow
sectrack	1013133
xf	upx-engine-gain-control(18869)

Last major update

20-09-2019 - 13:24

Published

08-02-2005 - 05:00

Last modified

20-09-2019 - 13:24