Vulnerabilities > CVE-2016-2208 - Resource Management Errors vulnerability in Symantec Anti-Virus Engine 20151.1.0.32
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability. CVE-2016-2208. Dos exploits for multiple platform |
| file | exploits/multiple/dos/39835.txt |
| id | EDB-ID:39835 |
| last seen | 2016-05-17 |
| modified | 2016-05-17 |
| platform | multiple |
| port | |
| published | 2016-05-17 |
| reporter | Google Security Research |
| source | https://www.exploit-db.com/download/39835/ |
| title | Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability |
| type | dos |
Nessus
| NASL family | Windows |
| NASL id | SYMANTEC_SYM_16_008.NASL |
| description | The version of Symantec Antivirus Engine (AVE) installed on the remote host is 20151.1.0.32. It is, therefore, affected by a remote code execution vulnerability due to improper parsing of malformed portable-executable (PE) header files and executables packed with early versions of Aspack. A remote attacker can exploit this by convincing a user to download and scan a document or application containing specially crafted PE header files, resulting in the execution of arbitrary code. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 91261 |
| published | 2016-05-19 |
| reporter | This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/91261 |
| title | Symantec Antivirus Engine 20151.1.0.32 Malformed PE Header Parser Memory Access Violation (SYM16-008) |
Related news
References
- http://www.securityfocus.com/bid/90653
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20160516_00
- http://www.securitytracker.com/id/1035903
- https://www.exploit-db.com/exploits/39835/
- https://bugs.chromium.org/p/project-zero/issues/detail?id=820