Heap-based Buffer Overflow in Symantec AntiVirus Library
CVE-2005-0249

Currently unrated

Key Information:

Vendor

Symantec
Status
Norton Internet Security
Client Security
Mail Security
Norton Antivirus
Vendor
CVE Published:
8 February 2005

What is CVE-2005-0249?

A heap-based buffer overflow has been identified in the DEC2EXE module of the Symantec AntiVirus Library. This vulnerability can allow remote attackers to execute arbitrary code on affected systems by sending a specially crafted UPX compressed file that contains a negatively defined virtual offset to a manipulated PE header. Proper validation and handling of the input data are crucial to mitigate this risk and protect against potential exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kb.cert.org/vuls/id/107822
third-party-advisoryx_refsource_CERT-VN
http://xforce.iss.net/xforce/alerts/id/187
third-party-advisoryx_refsource_ISS
http://securitytracker.com/id?1013133
vdb-entryx_refsource_SECTRACK

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.