CVE-2007-0447

Description

Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives.

Affected products

• Symantec / antivirus_scan_engine4.3.3 – 4.3.3
• Symantec / antivirus_scan_engine4.3.8.29 – 4.3.8.29
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine4.3.12 – 4.3.12
• Symantec / antivirus_scan_engine5.0 – 5.0
• Symantec / antivirus_scan_engine5.0.1 – 5.0.1
• Symantec / antivirus_scan_engine4.0 – 4.0
• Symantec / antivirus_scan_engine4.3 – 4.3
• Symantec / antivirus_scan_engine4.3 – 4.3
• Symantec / antivirus_scan_engine4.3 – 4.3
• Symantec / antivirus_scan_engine4.3 – 4.3
• Symantec / antivirus_scan_engine4.3 – 4.3
• Symantec / antivirus_scan_engine4.3.7.27 – 4.3.7.27
• Symantec / antivirus_scan_engine4.0 – 4.0
• Symantec / antivirus_scan_engine4.1.8 – 4.1.8
• Symantec / antivirus_scan_engine4.1 – 4.1
• Symantec / brightmail_antispam4.0 – 4.0
• Symantec / brightmail_antispam5.5 – 5.5
• Symantec / brightmail_antispam6.0 – 6.0
• Symantec / brightmail_antispam6.0.3 – 6.0.3
• Symantec / brightmail_antispam6.0.1 – 6.0.1
• Symantec / brightmail_antispam6.0.2 – 6.0.2
• Symantec / brightmail_antispam6.0.4 – 6.0.4
• Symantec / client_security3.1.401 – 3.1.401
• Symantec / client_security3.1.396 – 3.1.396
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0 – 2.0
• Symantec / client_security2.0.1_build_9.0.1.1000 – 2.0.1_build_9.0.1.1000
• Symantec / client_security2.0.2_build_9.0.2.1000 – 2.0.2_build_9.0.2.1000
• Symantec / client_security2.0.3_build_9.0.3.1000 – 2.0.3_build_9.0.3.1000
• Symantec / client_security2.0.4 – 2.0.4
• Symantec / client_security2.0.4 – 2.0.4
• Symantec / client_security2.0.5_build_1100_mp1 – 2.0.5_build_1100_mp1
• Symantec / client_security2.0.6 – 2.0.6
• Symantec / client_security3.0 – 3.0
• Symantec / client_security3.0.0.359 – 3.0.0.359
• Symantec / client_security3.0.1.1000 – 3.0.1.1000
• Symantec / client_security3.0.1.1001 – 3.0.1.1001
• Symantec / client_security3.0.1.1007 – 3.0.1.1007
• Symantec / client_security3.0.1.1008 – 3.0.1.1008
• Symantec / client_security3.0.2.2000 – 3.0.2.2000
• Symantec / client_security3.0.2.2001 – 3.0.2.2001
• Symantec / client_security3.0.2.2002 – 3.0.2.2002
• Symantec / client_security3.0.2.2010 – 3.0.2.2010
• Symantec / client_security3.0.2.2011 – 3.0.2.2011
• Symantec / client_security3.0.2.2020 – 3.0.2.2020
• Symantec / client_security3.0.2.2021 – 3.0.2.2021
• Symantec / client_security3.1 – 3.1
• Symantec / client_security3.1.394 – 3.1.394
• Symantec / client_security3.1.400 – 3.1.400
• Symantec / gateway_security_5000_series3.0.1 – 3.0.1
• Symantec / gateway_security_54002.0.1 – 2.0.1
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0.1 – 4.0.1
• Symantec / mail_security4.1 – 4.1
• Symantec / mail_security4.1 – 4.1
• Symantec / mail_security4.1 – 4.1
• Symantec / mail_security4.5 – 4.5
• Symantec / mail_security4.5.4.743 – 4.5.4.743
• Symantec / mail_security4.5_build_719 – 4.5_build_719
• Symantec / mail_security4.5_build_736 – 4.5_build_736
• Symantec / mail_security4.5_build_741 – 4.5_build_741
• Symantec / mail_security4.6.1.107 – 4.6.1.107
• Symantec / mail_security4.6.3 – 4.6.3
• Symantec / mail_security4.6_build_97 – 4.6_build_97
• Symantec / mail_security5.0 – 5.0
• Symantec / mail_security5.0 – 5.0
• Symantec / mail_security5.0.0.204 – 5.0.0.204
• Symantec / mail_security5.0.1 – 5.0.1
• Symantec / mail_security5.1.0 – 5.1.0
• Symantec / mail_security6.0.0 – 6.0.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security4.0 – 4.0
• Symantec / mail_security_8820_appliance
• Symantec / norton_antivirus2005 – 2005
• Symantec / norton_antivirus
• Symantec / norton_antivirus9.0 – 9.0
• Symantec / norton_antivirus9.0 – 9.0
• Symantec / norton_antivirus9.0.0 – 9.0.0
• Symantec / norton_antivirus9.0.0.338 – 9.0.0.338
• Symantec / norton_antivirus9.0.1 – 9.0.1
• Symantec / norton_antivirus9.0.1.1.1000 – 9.0.1.1.1000
• Symantec / norton_antivirus9.0.2 – 9.0.2
• Symantec / norton_antivirus9.0.2.1000 – 9.0.2.1000
• Symantec / norton_antivirus9.0.3 – 9.0.3
• Symantec / norton_antivirus9.0.3.1000 – 9.0.3.1000
• Symantec / norton_antivirus9.0.4 – 9.0.4
• Symantec / norton_antivirus9.0.4 – 9.0.4
• Symantec / norton_antivirus9.0.5 – 9.0.5
• Symantec / norton_antivirus9.0.5.1100 – 9.0.5.1100
• Symantec / norton_antivirus9.0.6.1000 – 9.0.6.1000
• Symantec / norton_antivirus10.0 – 10.0
• Symantec / norton_antivirus10.0 – 10.0
• Symantec / norton_antivirus10.0.0 – 10.0.0
• Symantec / norton_antivirus10.0.0.359 – 10.0.0.359
• Symantec / norton_antivirus10.0.1 – 10.0.1
• Symantec / norton_antivirus10.0.1.1000 – 10.0.1.1000
• Symantec / norton_antivirus10.0.1.1007 – 10.0.1.1007
• Symantec / norton_antivirus10.0.1.1008 – 10.0.1.1008
• Symantec / norton_antivirus10.0.2.2000 – 10.0.2.2000
• Symantec / norton_antivirus10.0.2.2001 – 10.0.2.2001
• Symantec / norton_antivirus10.0.2.2002 – 10.0.2.2002
• Symantec / norton_antivirus10.0.2.2010 – 10.0.2.2010
• Symantec / norton_antivirus10.0.2.2011 – 10.0.2.2011
• Symantec / norton_antivirus10.0.2.2020 – 10.0.2.2020
• Symantec / norton_antivirus10.0.2.2021 – 10.0.2.2021
• Symantec / norton_antivirus10.1 – 10.1
• Symantec / norton_antivirus10.1.4 – 10.1.4
• Symantec / norton_antivirus10.1.4 – 10.1.4
• Symantec / norton_antivirus10.1.4.4010 – 10.1.4.4010
• Symantec / norton_antivirus10.1.394 – 10.1.394
• Symantec / norton_antivirus10.1.396 – 10.1.396
• Symantec / norton_antivirus10.1.400 – 10.1.400
• Symantec / norton_antivirus10.1.401 – 10.1.401
• Symantec / norton_antivirus10.9.1 – 10.9.1
• Symantec / norton_antivirus2004 – 2004
• Symantec / norton_antivirus2004 – 2004
• Symantec / norton_antivirus2005 – 2005
• Symantec / norton_antivirus2005 – 2005
• Symantec / norton_antivirus2005 – 2005
• Symantec / norton_antivirus2006 – 2006
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2005 – 2005
• Symantec / norton_internet_security2006 – 2006
• Symantec / norton_internet_security2006 – 2006
• Symantec / norton_internet_security2004 – 2004
• Symantec / norton_internet_security2004 – 2004
• Symantec / norton_internet_security3.0 – 3.0
• Symantec / norton_personal_firewall2006_9.1.1.7 – 2006_9.1.1.7
• Symantec / norton_personal_firewall2006_9.1.0.33 – 2006_9.1.0.33
• Symantec / norton_personal_firewall2006 – 2006
• Symantec / norton_system_works2005 – 2005
• Symantec / norton_system_works2005 – 2005
• Symantec / norton_system_works2005 – 2005
• Symantec / norton_system_works2006 – 2006
• Symantec / norton_system_works3.0 – 3.0
• Symantec / norton_system_works2004 – 2004
• Symantec / norton_system_works2005 – 2005
• Symantec / symantec_antivirus_filtering_+for_domino3.0.12 – 3.0.12
• Symantec / web_security3.0.1.70 – 3.0.1.70
• Symantec / web_security3.0.1.76 – 3.0.1.76
• Symantec / web_security3.0.1_build_3.01.70 – 3.0.1_build_3.01.70
• Symantec / web_security3.0.1_build_3.01.72 – 3.0.1_build_3.01.72
• Symantec / web_security3.0.1_build_3.01.74 – 3.0.1_build_3.01.74
• Symantec / web_security3.01.59 – 3.01.59
• Symantec / web_security3.01.60 – 3.01.60
• Symantec / web_security3.0.1 – 3.0.1
• Symantec / web_security3.01.62 – 3.01.62
• Symantec / web_security3.01.63 – 3.01.63
• Symantec / web_security3.01.67 – 3.01.67
• Symantec / web_security3.01.68 – 3.01.68
• Symantec / web_security5.0 – 5.0
• Symantec / web_security3.0 – 3.0
• Symantec / web_security2.5 – 2.5
• Symantec / web_security3.01.61 – 3.01.61

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/26053
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/2508
• MISChttp://osvdb.org/36118
• VENDOR_ADVISORYhttp://www.zerodayinitiative.com/advisories/ZDI-07-040.html
• MISChttp://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html
• MISChttp://www.securityfocus.com/bid/24282