An Interest In:
Web News this Week
- April 20, 2024
- April 19, 2024
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
Some of Our Sources
- Techcrunch
- Spoon Graphics
- Smashing Apps
- Abduzeedo
- Inspiredology
- Design Modo
- Daily Now
- Dev To
- The Verge
- TechPowerUp
Help Webnuz
Referal links:
May 17, 2016 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Z9jC4_saPl4/symantec-antivirus-products-vulnerable-to-horrid-overflow-bug
Symantec Antivirus Products Vulnerable To Horrid Overflow Bug
An anonymous reader writes: Tavis Ormandy of Google's Project Zero team has discovered a vulnerability in Symantec Antivirus Engine. The said engine is vulnerable to a buffer overflow when parsing malformed portable-executable (PE) header files, reports ZDNet. "Such malformed PE files can be received through incoming email, downloading of a document or application, or by visiting a malicious web site," Symantec said. "No user interaction is required to trigger the parsing of the malformed file." For Linux, OS X, and other Unix-like systems, the exploit results in a remote heap overflow as root in the Symantec or Norton process, Ormandy said in the Project Zero issue tracker. "On Windows, this results in kernel memory corruption, as the scan engine is loaded into the kernel (wtf!!!), making this a remote ring0 memory corruption vulnerability -- this is about as bad as it can possibly get," he said.The vulnerability, if exploited, results in kernel memory corruption without user action and instant blue-screening on Windows.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/Z9jC4_saPl4/symantec-antivirus-products-vulnerable-to-horrid-overflow-bug
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot