Vulnerabilities > CVE-2005-1346 - Denial-Of-Service vulnerability in Web Security

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

high complexity

symantec

NVD

Published: 2005-05-02

Updated: 2008-09-05

Summary

Multiple Symantec AntiVirus products, including Norton AntiVirus 2005 11.0.0, Web Security Web Security 3.0.1.72, Mail Security for SMTP 4.0.5.66, AntiVirus Scan Engine 4.3.7.27, SAV/Filter for Domino NT 3.1.1.87, and Mail Security for Exchange 4.5.4.743, when running on Windows, allows remote attackers to cause a denial of service (component crash) and avoid detection via a crafted RAR file.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Antivirus Scan Engine 4.3.7.27 Symantec Mail Security 4.0.5.66 Symantec Mail Security 4.5.4.743 Symantec Norton Antivirus 2005_11.0.0 Symantec Norton Internet Security 2005_Contains_Nav_11.0.0 Symantec Norton System Works 2005_Contains_Nav_11.0.0 Symantec Symav Filter Domino NT 3.1.1.87 Symantec WEB Security 3.0.1.72	8

References

http://securityresponse.symantec.com/avcenter/security/Content/2005.04.27.html