Execution Vulnerability in Symantec's Advanced Threat Protection and Related Products
CVE-2016-2207

8.4HIGH

Key Information:

Vendor

Symantec
Status
Mail Security For Microsoft Exchange
Vendor
CVE Published:
30 June 2016

What is CVE-2016-2207?

A vulnerability exists in the AntiVirus Decomposer engine of various Symantec products, allowing remote attackers to execute arbitrary code or trigger a denial of service due to improper handling of crafted RAR files during decompression. This flaw affects several versions of products including Symantec Advanced Threat Protection, Symantec Endpoint Protection, Norton AntiVirus, and more, exposing systems to potential exploitation that can result in unauthorized operations or service interruptions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/91434
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036199
vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1036198
vdb-entryx_refsource_SECTRACK

EPSS Score

50% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.