ID CVE-2005-1346
Summary Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:mail_security:4.0.5.66:*:smtp:*:*:*:*:*
    cpe:2.3:a:symantec:mail_security:4.0.5.66:*:smtp:*:*:*:*:*
  • cpe:2.3:a:symantec:mail_security:4.5.4.743:*:exchange:*:*:*:*:*
    cpe:2.3:a:symantec:mail_security:4.5.4.743:*:exchange:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_antivirus:2005_11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_antivirus:2005_11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_internet_security:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:norton_system_works:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:norton_system_works:2005_contains_nav_11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:symav_filter_domino_nt:3.1.1.87:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:symav_filter_domino_nt:3.1.1.87:*:*:*:*:*:*:*
  • cpe:2.3:a:symantec:web_security:3.0.1.72:*:*:*:*:*:*:*
    cpe:2.3:a:symantec:web_security:3.0.1.72:*:*:*:*:*:*:*
CVSS
Base: 2.6 (as of 05-09-2008 - 20:48)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:H/Au:N/C:N/I:N/A:P
refmap via4
confirm http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html
Last major update 05-09-2008 - 20:48
Published 02-05-2005 - 04:00
Last modified 05-09-2008 - 20:48
Back to Top