CVE-2016-5309

Name of the Vulnerable Software and Affected Versions Symantec Advanced Threat Protection: Network (ATP) (affected versions not specified) Symantec Email Security.Cloud (affected versions not specified) Symantec Data Center Security: Server (affected versions not specified) Symantec Endpoint Protection (SEP) for Windows versions prior to 12.1.6 MP5 Symantec Endpoint Protection (SEP) for Mac (affected versions not specified) Symantec Endpoint Protection (SEP) for Linux versions prior to 12.1.6 MP6 Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud) (affected versions not specified) Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac (affected versions not specified) Symantec Endpoint Protection Small Business Edition 12.1 CSAPI versions prior to 10.0.4 HF02 Symantec Protection Engine (SPE) versions prior to 7.0.5 HF02, versions prior to 7.5.4 HF02, versions prior to 7.5.5 HF01, and versions prior to 7.8.0 HF03 Symantec Mail Security for Domino (SMSDOM) versions prior to 8.0.9 HF2.1, versions prior to 8.1.2 HF2.3, and versions prior to 8.1.3 HF2.2 Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 6.5.8 3968140 HF2.3, versions prior to 7.0 3966002 HF2.1, and versions prior to 7.5 3966008 VHF2.2 Symantec Protection for SharePoint Servers (SPSS) versions prior to SPSS 6.0.3 To 6.0.5 HF 2.5 update, versions prior to 6.0.6 HF 2.6, and versions prior to 6.0.7 HF 2.7 Symantec Messaging Gateway (SMG) versions prior to 10.6.2 Symantec Messaging Gateway for Service Providers (SMG-SP) versions prior to 10.5 patch 260 and versions prior to 10.6 patch 259 Symantec Web Gateway (affected versions not specified) Symantec Web Security.Cloud (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service via a crafted RAR file that is mishandled during decompression by the RAR file parser component in the AntiVirus Decomposer engine.

Recommendations For Symantec Endpoint Protection (SEP) for Windows versions prior to 12.1.6 MP5, update to version 12.1.6 MP5 or later. For Symantec Endpoint Protection (SEP) for Linux versions prior to 12.1.6 MP6, update to version 12.1.6 MP6 or later. For CSAPI versions prior to 10.0.4 HF02, update to version 10.0.4 HF02 or later. For Symantec Protection Engine (SPE) versions prior to 7.0.5 HF02, update to version 7.0.5 HF02 or later. For Symantec Protection Engine (SPE) versions prior to 7.5.4 HF02, update to version 7.5.4 HF02 or later. For Symantec Protection Engine (SPE) versions prior to 7.5.5 HF01, update to version 7.5.5 HF01 or later. For Symantec Protection Engine (SPE) versions prior to 7.8.0 HF03, update to version 7.8.0 HF03 or later. For Symantec Mail Security for Domino (SMSDOM) versions prior to 8.0.9 HF2.1, update to version 8.0.9 HF2.1 or later. For Symantec Mail Security for Domino (SMSDOM) versions prior to 8.1.2 HF2.3, update to version 8.1.2 HF2.3 or later. For Symantec Mail Security for Domino (SMSDOM) versions prior to 8.1.3 HF2.2, update to version 8.1.3 HF2.2 or later. For Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 6.5.8 3968140 HF2.3, update to version 6.5.8 3968140 HF2.3 or later. For Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 7.0 3966002 HF2.1, update to version 7.0 3966002 HF2.1 or later. For Symantec Mail Security for Microsoft Exchange (SMSMSE) versions prior to 7.5 3966008 VHF2.2, update to version 7.5 3966008 VHF2.2 or later. For Symantec Protection for SharePoint Servers (SPSS) versions prior to SPSS 6.0.3 To 6.0.5 HF 2.5 update, apply the SPSS 6.0.3 To 6.0.5 HF 2.5 update or later. For Symantec Protection for SharePoint Servers (SPSS) versions prior to 6.0.6 HF 2.6, update to version 6.0.6 HF 2.6 or later. For Symantec Protection for SharePoint Servers (SPSS) versions prior to 6.0.7 HF 2.7, update to version 6.0.7 HF 2.7 or later. For Symantec Messaging Gateway (SMG) versions prior to 10.6.2, update to version 10.6.2 or later. For Symantec Messaging Gateway for Service Providers (SMG-SP) versions prior to 10.5 patch 260, apply patch 260 or later. For Symantec Messaging Gateway for Service Providers (SMG-SP) versions prior to 10.6 patch 259, apply patch 259 or later. At the moment, there is no information about a newer version that contains a fix for this vulnerability for Symantec Advanced Threat Protection: Network (ATP), Symantec Email Security.Cloud, Symantec Data Center Security: Server, Symantec Endpoint Protection (SEP) for Mac, Symantec Endpoint Protection for Small Business Enterprise (SEP SBE/SEP.Cloud), Symantec Endpoint Protection Cloud (SEPC) for Windows/Mac, Symantec Web Gateway, and Symantec Web Security.Cloud.