Decomposer Engine Vulnerability in Symantec Products
CVE-2012-4953

Currently unrated

Key Information:

Vendor

Symantec
Status
Antivirus
Scan Engine
Endpoint Protection
Vendor
CVE Published:
14 November 2012

What is CVE-2012-4953?

The decomposer engine in several Symantec products fails to properly enforce bounds checks of CAB archive contents, exposing the system to potential denial of service through application crashes. This vulnerability may also allow remote attackers to execute arbitrary code by exploiting crafted archive files, thus compromising the security of impacted systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.symantec.com/security_response/securityupdates...
x_refsource_CONFIRM
http://www.kb.cert.org/vuls/id/985625
third-party-advisoryx_refsource_CERT-VN
http://www.securitytracker.com/id?1027726
vdb-entryx_refsource_SECTRACK

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.