Heap-Based Buffer Overflow in Symantec Products
CVE-2007-0447

Currently unrated

Key Information:

Vendor

Symantec
Status
Mail Security
Client Security
Norton Antivirus
Norton Internet Security
Vendor
CVE Published:
5 October 2007

What is CVE-2007-0447?

The vulnerability involves a heap-based buffer overflow in the Decomposer component of several Symantec products. This flaw can be exploited by remote attackers who craft specific CAB archives, potentially leading to arbitrary code execution on the affected system. Such vulnerabilities pose a significant risk, as they enable unauthorized control over the system’s execution flow.

References

http://secunia.com/advisories/26053
third-party-advisoryx_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/2508
vdb-entryx_refsource_VUPEN
http://osvdb.org/36118
vdb-entryx_refsource_OSVDB

EPSS Score

10% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2007-0447 : Heap-Based Buffer Overflow in Symantec Products