Description
The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds checks of the contents of CAB archives, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted file.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121107_00
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/985625
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027726
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/56399
Scores
EPSS
0.0949
EPSS Percentile
92.9%
Details
CWE
CWE-119
Status
published
Products (10)
symantec/antivirus
10.1.0
symantec/antivirus
10.1.4
symantec/antivirus
10.1.5
symantec/antivirus
10.1.6
symantec/antivirus
10.1.7
symantec/antivirus
10.1.8
symantec/antivirus
10.1.9
symantec/endpoint_protection
11.0
symantec/endpoint_protection
12.0
symantec/scan_engine
< 5.2
Published
Nov 14, 2012
Tracked Since
Feb 18, 2026