這是Symantec的漏洞快點更新你的防毒軟件吧




多個 Symantec 產品存在漏洞，允許惡意的使用控制受影響的系統。

這個漏洞是由防毒程式的掃瞄功能處理 UPX 壓縮檔案時負責的分析引擎存在邊界檢查錯誤所造成。透過特製的 UPX 檔案來攻擊這個漏洞，可以造成堆積緩衝區滿溢。

影響

成功攻擊這個漏洞會允許執任意的程式碼。
受影響的系統

Symantec Norton Antivirus 2004 for Windows
Symantec Norton Internet Security 2004 (pro) for Windows
Symantec Norton System Works 2004 for Windows
Symantec Norton Antivirus 2004 for Macintosh
Symantec Norton Internet Security 2004 for Macintosh
Symantec Norton System Works 2004 for Macintosh
Symantec Norton Antivirus 9.0 for Macintosh
Symantec Norton Internet Security for Macintosh 3.0
Symantec Norton System Works for Macintosh 3.0
Norton AntiVirus for Microsoft Exchange 2.1 prior to build 2.18.85
Symantec Mail Security for Microsoft Exchange 4.0 prior to build 4.0.10.465
Symantec Mail Security for Microsoft Exchange 4.5 prior to build 4.5.3
Symantec AntiVirus/Filtering for Domino NT 3.1 prior to build 3.1.1
Symantec Mail Security for Domino 4.0 prior to build 4.0.1
Symantec AntiVirus/Filtering for Domino Ports 3.0
(AIX) prior to build 3.0.6
(OS400, Linux, Solaris) prior to build 3.0.7
Symantec AntiVirus Scan Engine 4.3 prior to build 4.3.3
Symantec AntiVirus for Network Attached Storage prior to build 4.3.3
Symantec AntiVirus for Caching prior to build 4.3.3
Symantec AntiVirus for SMTP 3.1 prior to build 3.1.7
Symantec Mail Security for SMTP 4.0 prior to build 4.0.2
Symantec Web Security 3.0 prior to build 3.0.1.70
Symantec BrightMail AntiSpam 4.0
Symantec BrightMail AntiSpam 5.5
Symantec AntiVirus Corporate Edition 9.0 prior to build 9.01.1000
Symantec AntiVirus Corporate Edition 8.01, 8.1.1
Symantec Client Security 2.0 prior to build 9.01.1000
Symantec Client Security 1.0, 1.0
Symantec Gateway Security 2.0, 2.0.1 – 5400 Series
Symantec Gateway Security 1.0 – 5300 Series
解決方案

請於安裝修補程式前瀏覽軟件供應商之網頁，以獲得更詳盡資料。

請在這裡下載修補程式

http://www.symantec.com/avcenter/se...2005.02.08.html
相關連結

http://xforce.iss.net/x...ts/id/187
http://secunia.com/a...s/14179/