CVE-2005-0249: Buffer Overflow
First published: Tue Feb 08 2005(Updated: )
Heap-based buffer overflow in the DEC2EXE module for Symantec AntiVirus Library allows remote attackers to execute arbitrary code via a UPX compressed file containing a negative virtual offset to a crafted PE header.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Norton Internet Security | =2004 | |
| Symantec Client Security | =1.0.1_build_8.01.460-mr6 | |
| Symantec Client Security | =1.0.1_build_8.01.446-mr4 | |
| Symantec Mail Security | =4.1-build_461 | |
| Symantec Norton Antivirus with Backup | =8.01.460 | |
| Symantec Antivirus Filtering for Domino | =build3.0.5 | |
| Symantec Norton Antivirus with Backup | =8.01.437 | |
| Symantec Web Security | =3.01.62 | |
| Symantec Client Security | =1.1.1_mr1_build_8.1.1.314a | |
| Symantec Norton Antivirus with Backup | =8.1.1.323 | |
| Symantec Norton Antivirus with Backup | =8.01.457 | |
| Symantec Web Security | =3.01.61 | |
| Symantec Norton Antivirus with Backup | =8.1.1_build8.1.1.314a | |
| Symantec Norton Antivirus with Backup | =8.01.446 | |
| Symantec Norton Antivirus with Backup | =2.18_build_83 | |
| Symantec Web Security | =3.01.68 | |
| Symantec Norton Antivirus with Backup | =8.01.464 | |
| Symantec Client Security | =1.0.1_build_8.01.471-mr8 | |
| Symantec Client Security | =1.0.1_build_8.01.457-mr5 | |
| Symantec Norton System Works | =2004 | |
| Symantec Web Security | =3.01.60 | |
| Symantec Norton Antivirus with Backup | =8.1.1.319 | |
| Symantec Norton Antivirus with Backup | =8.01.434 | |
| Symantec Brightmail AntiSpam | =5.5 | |
| Symantec Mail Security | =4.1-build_458 | |
| Symantec Norton Antivirus with Backup | =2004 | |
| Symantec Client Security | =1.1.1_mr3_build_8.1.1.323 | |
| Symantec Client Security | =1.1.1_mr2_build_8.1.1.319 | |
| Symantec Norton Antivirus with Backup | =8.01.471 | |
| Symantec Gateway Security | =2.0 | |
| Symantec Client Security | =1.1.1_mr5_build_8.1.1.336 | |
| Symantec Gateway Security | =1.0 | |
| Symantec Web Security | =3.01.67 | |
| Symantec Client Security | =1.0.1_build_8.01.437 | |
| Symantec Antivirus Filtering for Domino | =build3.0.5 | |
| Symantec Mail Security | =4.0 | |
| Symantec Web Security | =3.01.63 | |
| Symantec Mail Security | =4.1-build_459 | |
| Symantec Gateway Security | =2.0.1 | |
| Symantec Web Security | =3.01.59 | |
| Symantec Client Security | =1.1.1_mr4_build_8.1.1.329 | |
| Symantec Client Security | =1.0.1_build_8.01.434-mr3 | |
| Symantec Norton Antivirus with Backup | =8.1.1.329 | |
| Symantec Mail Security | =4.5_build_719 | |
| Symantec Brightmail AntiSpam | =4.0 | |
| Symantec Norton Antivirus with Backup | =9.0 | |
| Symantec Client Security | =1.0.1_build_8.01.464-mr7 | |
| Symantec Antivirus Filtering for Domino | =3.1.1 | |
| Symantec Antivirus Scan Engine for Microsoft SharePoint | <4.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-0249?
CVE-2005-0249 is classified as a critical vulnerability due to the potential for remote code execution.
How do I fix CVE-2005-0249?
To fix CVE-2005-0249, it is recommended to update all affected Symantec products to their latest versions that contain the security patches.
Which products are affected by CVE-2005-0249?
CVE-2005-0249 affects several Symantec products, including Norton Internet Security 2004, Norton Antivirus, and Client Security versions.
Can CVE-2005-0249 be exploited remotely?
Yes, CVE-2005-0249 can be exploited remotely through specially crafted UPX compressed files.
What types of attacks can CVE-2005-0249 enable?
CVE-2005-0249 enables attackers to perform arbitrary code execution on the targeted system.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/symantec
- canonical/symantec norton internet security
- version/symantec norton internet security/2004
- canonical/symantec client security
- version/symantec client security/1.0.1_build_8.01.460-mr6
- version/symantec client security/1.0.1_build_8.01.446-mr4
- canonical/symantec mail security
- version/symantec mail security/4.1-build_461
- canonical/symantec norton antivirus with backup
- version/symantec norton antivirus with backup/8.01.460
- canonical/symantec antivirus filtering for domino
- version/symantec antivirus filtering for domino/build3.0.5
- version/symantec norton antivirus with backup/8.01.437
- canonical/symantec web security
- version/symantec web security/3.01.62
- version/symantec client security/1.1.1_mr1_build_8.1.1.314a
- version/symantec norton antivirus with backup/8.1.1.323
- version/symantec norton antivirus with backup/8.01.457
- version/symantec web security/3.01.61
- version/symantec norton antivirus with backup/8.1.1_build8.1.1.314a
- version/symantec norton antivirus with backup/8.01.446
- version/symantec norton antivirus with backup/2.18_build_83
- version/symantec web security/3.01.68
- version/symantec norton antivirus with backup/8.01.464
- version/symantec client security/1.0.1_build_8.01.471-mr8
- version/symantec client security/1.0.1_build_8.01.457-mr5
- canonical/symantec norton system works
- version/symantec norton system works/2004
- version/symantec web security/3.01.60
- version/symantec norton antivirus with backup/8.1.1.319
- version/symantec norton antivirus with backup/8.01.434
- canonical/symantec brightmail antispam
- version/symantec brightmail antispam/5.5
- version/symantec mail security/4.1-build_458
- version/symantec norton antivirus with backup/2004
- version/symantec client security/1.1.1_mr3_build_8.1.1.323
- version/symantec client security/1.1.1_mr2_build_8.1.1.319
- version/symantec norton antivirus with backup/8.01.471
- canonical/symantec gateway security
- version/symantec gateway security/2.0
- version/symantec client security/1.1.1_mr5_build_8.1.1.336
- version/symantec gateway security/1.0
- version/symantec web security/3.01.67
- version/symantec client security/1.0.1_build_8.01.437
- version/symantec mail security/4.0
- version/symantec web security/3.01.63
- version/symantec mail security/4.1-build_459
- version/symantec gateway security/2.0.1
- version/symantec web security/3.01.59
- version/symantec client security/1.1.1_mr4_build_8.1.1.329
- version/symantec client security/1.0.1_build_8.01.434-mr3
- version/symantec norton antivirus with backup/8.1.1.329
- version/symantec mail security/4.5_build_719
- version/symantec brightmail antispam/4.0
- version/symantec norton antivirus with backup/9.0
- version/symantec client security/1.0.1_build_8.01.464-mr7
- version/symantec antivirus filtering for domino/3.1.1
- canonical/symantec antivirus scan engine for microsoft sharepoint