CVE-2005-0249
UnknownEPSS 18.83%
Last modified
CVE-2005-0249 is a vulnerability of currently unknown severity. Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.. EPSS estimates a 18.83% chance of exploitation in the next 30 days.
Description
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Symantec | Antivirus Scan Engine | < 4.3.3 | — |
| Symantec | Brightmail Antispam | 4.0 | — |
| Symantec | Brightmail Antispam | 5.5 | — |
| Symantec | Client Security | 1.0.1_build_8.01.434 | Mr3 |
| Symantec | Client Security | 1.0.1_build_8.01.437 | — |
| Symantec | Client Security | 1.0.1_build_8.01.446 | Mr4 |
| Symantec | Client Security | 1.0.1_build_8.01.457 | Mr5 |
| Symantec | Client Security | 1.0.1_build_8.01.460 | Mr6 |
| Symantec | Client Security | 1.0.1_build_8.01.464 | Mr7 |
| Symantec | Client Security | 1.0.1_build_8.01.471 | Mr8 |
| Symantec | Client Security | 1.1.1_mr1_build_8.1.1.314a | — |
| Symantec | Client Security | 1.1.1_mr2_build_8.1.1.319 | — |
| Symantec | Client Security | 1.1.1_mr3_build_8.1.1.323 | — |
| Symantec | Client Security | 1.1.1_mr4_build_8.1.1.329 | — |
| Symantec | Client Security | 1.1.1_mr5_build_8.1.1.336 | — |
| Symantec | Gateway Security | 1.0 | — |
| Symantec | Gateway Security | 2.0 | — |
| Symantec | Gateway Security | 2.0.1 | — |
| Symantec | Mail Security | 4.0 | — |
| Symantec | Mail Security | 4.1 | Build 458 |
| Symantec | Mail Security | 4.5_build_719 | — |
| Symantec | Norton Antivirus | 2.18_build_83 | — |
| Symantec | Norton Antivirus | 8.1.1.319 | — |
| Symantec | Norton Antivirus | 8.1.1.323 | — |
| Symantec | Norton Antivirus | 8.1.1.329 | — |
| Symantec | Norton Antivirus | 8.1.1_build8.1.1.314a | — |
| Symantec | Norton Antivirus | 8.01.434 | — |
| Symantec | Norton Antivirus | 8.01.437 | — |
| Symantec | Norton Antivirus | 8.01.446 | — |
| Symantec | Norton Antivirus | 8.01.457 | — |
| Symantec | Norton Antivirus | 8.01.460 | — |
| Symantec | Norton Antivirus | 8.01.464 | — |
| Symantec | Norton Antivirus | 8.01.471 | — |
| Symantec | Norton Antivirus | 9.0 | — |
| Symantec | Norton Antivirus | 2004 | — |
| Symantec | Norton Internet Security | 2004 | — |
| Symantec | Norton System Works | 2004 | — |
| Symantec | Sav Filter Domino Nt Ports | build3.0.5 | — |
| Symantec | Sav Filter For Domino Nt | 3.1.1 | — |
| Symantec | Web Security | 3.01.59 | — |
| Symantec | Web Security | 3.01.60 | — |
| Symantec | Web Security | 3.01.61 | — |
| Symantec | Web Security | 3.01.62 | — |
| Symantec | Web Security | 3.01.63 | — |
| Symantec | Web Security | 3.01.67 | — |
| Symantec | Web Security | 3.01.68 | — |
References
- http://securitytracker.com/id?1013133Third Party Advisory, VDB Entry
- http://www.kb.cert.org/vuls/id/107822Patch, Third Party Advisory, US Government Resource
- http://www.symantec.com/avcenter/security/Content/2005.02.08.htmlPatch, Vendor Advisory
- http://xforce.iss.net/xforce/alerts/id/187Patch, Vendor Advisory
- http://securitytracker.com/id?1013133Third Party Advisory, VDB Entry
- http://www.kb.cert.org/vuls/id/107822Patch, Third Party Advisory, US Government Resource
- http://www.symantec.com/avcenter/security/Content/2005.02.08.htmlPatch, Vendor Advisory
- http://xforce.iss.net/xforce/alerts/id/187Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-0249?
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
How severe is CVE-2005-0249?
Severity scoring for CVE-2005-0249 is pending analysis. The EPSS model estimates a 18.83% probability of exploitation in the next 30 days.
How do I fix CVE-2005-0249?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2005-0249?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST