Vulnerabilities > CVE-2005-0249 - Unspecified vulnerability in Symantec products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
Vulnerable Configurations
References
- http://securitytracker.com/id?1013133
- http://securitytracker.com/id?1013133
- http://www.kb.cert.org/vuls/id/107822
- http://www.kb.cert.org/vuls/id/107822
- http://www.symantec.com/avcenter/security/Content/2005.02.08.html
- http://www.symantec.com/avcenter/security/Content/2005.02.08.html
- http://xforce.iss.net/xforce/alerts/id/187
- http://xforce.iss.net/xforce/alerts/id/187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18869
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18869