CVE-2005-0249
Symantec AntiVirus Scan Engine < 4.3.3 - Remote Code Execution via Crafted UPX Compressed File
Title source: llmDescription
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
References (5)
Core 5
Core References
Patch, Third Party Advisory, US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/107822
Patch, Vendor Advisory third-party-advisory
x_refsource_iss
http://xforce.iss.net/xforce/alerts/id/187
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013133
VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18869
Patch, Vendor Advisory x_refsource_confirm
http://www.symantec.com/avcenter/security/Content/2005.02.08.html
Scores
EPSS
0.1060
EPSS Percentile
93.4%
Details
Status
published
Products (46)
symantec/antivirus_scan_engine
< 4.3.3
symantec/brightmail_antispam
4.0
symantec/brightmail_antispam
5.5
symantec/client_security
1.0.1_build_8.01.434 mr3
symantec/client_security
1.0.1_build_8.01.437
symantec/client_security
1.0.1_build_8.01.446 mr4
symantec/client_security
1.0.1_build_8.01.457 mr5
symantec/client_security
1.0.1_build_8.01.460 mr6
symantec/client_security
1.0.1_build_8.01.464 mr7
symantec/client_security
1.0.1_build_8.01.471 mr8
... and 36 more
Published
Feb 08, 2005
Tracked Since
Feb 18, 2026