{"vuid":"VU#404910","idnumber":"404910","name":"Symantec products vulnerable to buffer overflow","keywords":["Symantec Antivirus","arbitrary code execution","eeye","SYM06-010"],"overview":"Symantec products are vulnerable to a stack-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.","clean_desc":"Symantec Client Security and Symantec Antivirus Corporate Edition contain a stack-based buffer overflow. For information on specific versions of Symantec Client Security and Symantec Antivirus Corporate Edition that are affected, refer to Symantec Advisory SYM06-010. Note that the affected products typically run with SYSTEM privileges.","impact":"A remote, unauthenticated attacker may be able to execute arbitrary code with SYSTEM privileges.","resolution":"Apply updates\nSymantec has released updates to correct this vulnerability. Refer to Symantec Advisory SYM06-010 for more information.","workarounds":"","sysaffected":"","thanks":"This vulnerability was reported by \neEye Digital Security","author":"This document was written by Jeff Gennari.","public":["http://www.eeye.com/html/research/advisories/AD20060612.html","http://www.symantec.com/avcenter/security/Content/2006.05.25.html","http://www.eeye.com/html/research/upcoming/20060524.html","http://www.securityfocus.com/bid/18107/","http://securitytracker.com/alerts/2006/May/1016162.html"],"cveids":["CVE-2006-2630"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2006-05-26T13:58:07Z","publicdate":"2006-05-24T00:00:00Z","datefirstpublished":"2006-05-30T16:19:53Z","dateupdated":"2006-06-13T15:26:45Z","revision":22,"vrda_d1_directreport":"0","vrda_d1_population":"4","vrda_d1_impact":"4","cam_widelyknown":"14","cam_exploitation":"0","cam_internetinfrastructure":"6","cam_population":"20","cam_impact":"18","cam_easeofexploitation":"9","cam_attackeraccessrequired":"20","cam_scorecurrent":"24.3","cam_scorecurrentwidelyknown":"31.59","cam_scorecurrentwidelyknownexploited":"55.89","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":24.3,"vulnote":null}