PT-2016-2306 · Symantec · Symantec Protection For Sharepoint Servers+17

Publicado

2016-06-30

·

Atualizado

2020-05-11

·

CVE-2016-3646

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Symantec Data Center Security:Server (SDCS:S) versions 6.x through 6.6 MP1 Symantec Endpoint Protection (SEP) versions prior to 12.1 RU6 MP5 Symantec Endpoint Protection (SEP) for Mac version not specified Symantec Endpoint Protection (SEP) for Linux versions prior to 12.1 RU6 MP5 Symantec Protection Engine (SPE) versions prior to 7.0.5 HF01 Symantec Protection Engine (SPE) versions 7.5.x prior to 7.5.3 HF03 Symantec Protection Engine (SPE) version 7.5.4 before HF01 Symantec Protection Engine (SPE) version 7.8.0 before HF01 Symantec Protection for SharePoint Servers (SPSS) versions 6.0.3 through 6.0.5 before 6.0.5 HF 1.5 Symantec Protection for SharePoint Servers (SPSS) version 6.0.6 before HF 1.6 Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 7.0 3966002 HF1.1 Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.5.x before 7.5 3966008 VHF1.2 Symantec Mail Security for Domino (SMSDOM) versions prior to 8.0.9 HF1.1 Symantec Mail Security for Domino (SMSDOM) versions 8.1.x before 8.1.3 HF1.2 CSAPI version prior to 10.0.4 HF01 Symantec Message Gateway (SMG) version prior to 10.6.1-4 Symantec Message Gateway for Service Providers (SMG-SP) version 10.5 before patch 254 Symantec Message Gateway for Service Providers (SMG-SP) version 10.6 before patch 253 Norton AntiVirus version not specified Norton Security version not specified Norton Internet Security version not specified Norton 360 version prior to NGC 22.7 Norton Security for Mac version prior to 13.0.2 Norton Power Eraser (NPE) version prior to 5.1 Norton Bootable Removal Tool (NBRT) version prior to 2016.1 Symantec Web Gateway version not specified
Description The issue is caused by an integer overflow or buffer overflow in the Symantec Decomposer engine, allowing remote attackers to execute arbitrary code or cause a denial of service via a crafted ZIP archive. This can lead to memory access violations during decompression.
Recommendations For Symantec Data Center Security:Server (SDCS:S) versions 6.x through 6.6 MP1, update to a version after 6.6 MP1. For Symantec Endpoint Protection (SEP) versions prior to 12.1 RU6 MP5, update to version 12.1 RU6 MP5 or later. For Symantec Endpoint Protection (SEP) for Mac, update to a version after the affected one. For Symantec Endpoint Protection (SEP) for Linux versions prior to 12.1 RU6 MP5, update to version 12.1 RU6 MP5 or later. For Symantec Protection Engine (SPE) versions prior to 7.0.5 HF01, update to version 7.0.5 HF01 or later. For Symantec Protection Engine (SPE) versions 7.5.x prior to 7.5.3 HF03, update to version 7.5.3 HF03 or later. For Symantec Protection Engine (SPE) version 7.5.4 before HF01, update to version 7.5.4 HF01 or later. For Symantec Protection Engine (SPE) version 7.8.0 before HF01, update to version 7.8.0 HF01 or later. For Symantec Protection for SharePoint Servers (SPSS) versions 6.0.3 through 6.0.5 before 6.0.5 HF 1.5, update to version 6.0.5 HF 1.5 or later. For Symantec Protection for SharePoint Servers (SPSS) version 6.0.6 before HF 1.6, update to version 6.0.6 HF 1.6 or later. For Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 7.0 3966002 HF1.1, update to version 7.0 3966002 HF1.1 or later. For Symantec Mail Security for Microsoft Exchange (SMSMSE) versions 7.5.x before 7.5 3966008 VHF1.2, update to version 7.5 3966008 VHF1.2 or later. For Symantec Mail Security for Domino (SMSDOM) versions prior to 8.0.9 HF1.1, update to version 8.0.9 HF1.1 or later. For Symantec Mail Security for Domino (SMSDOM) versions 8.1.x before 8.1.3 HF1.2, update to version 8.1.3 HF1.2 or later. For CSAPI version prior to 10.0.4 HF01, update to version 10.0.4 HF01 or later. For Symantec Message Gateway (SMG) version prior to 10.6.1-4, update to version 10.6.1-4 or later. For Symantec Message Gateway for Service Providers (SMG-SP) version 10.5 before patch 254, apply patch 254 or later. For Symantec Message Gateway for Service Providers (SMG-SP) version 10.6 before patch 253, apply patch 253 or later. For Norton AntiVirus, update to a version after the affected one. For Norton Security, update to a version after the affected one. For Norton Internet Security, update to a version after the affected one. For Norton 360 version prior to NGC 22.7, update to version NGC 22.7 or later. For Norton Security for Mac version prior to 13.0.2, update to version 13.0.2 or later. For Norton Power Eraser (NPE) version prior to 5.1, update to version 5.1 or later. For Norton Bootable Removal Tool (NBRT) version prior to 2016.1, update to version 2016.1 or later. For Symantec Web Gateway, update to a version after the affected one.

Exploit

Correção

RCE

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2016-01695
CVE-2016-3646

Produtos afetados

Csapi
Norton 360
Norton Antivirus
Norton Bootable Removal Tool
Norton Internet Security
Norton Power Eraser
Norton Security
Norton Security For Mac
Symantec Data Center Security:Server
Symantec Endpoint Protection
Symantec Endpoint Protection Client
Symantec Mail Security For Domino
Symantec Mail Security For Microsoft Exchange
Symantec Messaging Gateway
Symantec Message Gateway For Service Providers
Symantec Protection Engine
Symantec Protection For Sharepoint Servers
Symantec Web Gateway