CVE-2008-0309

Name of the Vulnerable Software and Affected Versions Symantec Scan Engine versions 5.1.2 through 5.1.6.30

Description The issue is a stack-based buffer overflow in Symantec Decomposer, which is used in certain Symantec antivirus products. This allows remote attackers to execute arbitrary code or cause a denial of service via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp).

Recommendations For Symantec Scan Engine versions 5.1.2 through 5.1.6.30, update to version 5.1.6.31 or later to resolve the issue.