The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Symantec AV, Norton AV: several vulnerabilities

Synthesis of the vulnerability 

Three vulnerabilities of Symantec and Norton products can be used by an attacker to disable the antivirus or to execute code.
Vulnerable products: Norton Antivirus Plus, Norton Internet Security, Symantec AV.
Severity of this weakness: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 18/02/2010.
Références of this bulletin: BID-38127, BID-38129, BID-38222, CERTA-2010-AVI-087, CVE-2010-0106, CVE-2010-0107, CVE-2010-0108, DSECRG-09-039, SYM10-002, SYM10-003, SYM10-004, VIGILANCE-VUL-9462.

Description of the vulnerability 

Three vulnerabilities were announced in Symantec and Norton products.

A local attacker can disable the Symantec AntiVirus on-demand scan. [severity:2/4; BID-38127, CERTA-2010-AVI-087, CVE-2010-0106, SYM10-002]

An attacker can generate a buffer overflow in the SYMLTCOM.DLL ActiveX of Norton AV/IS, in order to execute code when the victim browses a malicious web site. [severity:2/4; BID-38129, CVE-2010-0107, SYM10-003]

An attacker can generate a buffer overflow in Symantec Client Proxy (CLIproxy.dll). [severity:1/4; BID-38222, CVE-2010-0108, DSECRG-09-039, SYM10-004]
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer weakness bulletin impacts software or systems such as Norton Antivirus Plus, Norton Internet Security, Symantec AV.

Our Vigil@nce team determined that the severity of this computer threat announce is medium.

The trust level is of type confirmed by the editor, with an origin of document.

This bulletin is about 3 vulnerabilities.

An attacker with a expert ability can exploit this threat announce.

Solutions for this threat 

Symantec AV, Norton AV: solution.
For Symantec AntiVirus:
 - 10.0.x : update to version 10.1.x
 - 10.1.x : install MR9, and enable Tamper Protection
 - 10.2.x : install MR4, and enable Tamper Protection
For Norton AV/IS, use LiveUpdate.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computer security database. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications.