[SNS Advisory No.61] Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability

["snsadv () lac co jp" <snsadv () lac co jp>]

[Moderator note: This post was withheld, with permission from SNS, to ensure that
                 the issue was resolved completely. ]

----------------------------------------------------------------------
SNS Advisory No.61
Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability

Problem first discovered: Thu, 26 Dec 2002
Published: Wed, 19 Feb 2003
Reference: http://www.lac.co.jp/security/english/snsadv_e/61_e.html
----------------------------------------------------------------------

Overview:
---------
  The e-mail scanning function in Symantec Norton AntiVirus 2002 may cause
  a Buffer Overflow.

Problem Description:
--------------------
  The e-mail scanning function in Symantec Norton AntiVirus 2002 will cause
  a Buffer Overflow when it receives an e-mail message with a compressed file
  which includes a file with an unusually long filename.

  An attacker could exploit this problem to execute arbitrary code with the 
  privilege of the currently logged on user.


Tested Versions:
----------------
  Symantec Norton AntiVirus 2002 (version 8.07.17C)

Tested OS:
----------
  Windows 2000 Professional Japanese Edition + Windows 2000 Service Pack 3

Solution:
---------
  Update AntiVirus 2002 by using LiveUpdate.

Discovered by:
--------------
  ARAI Yuu y.arai () lac co jp

Acknowledgements:
-----------------
  Thanks to:
  Symantec Security Response

Disclaimer:
-----------
  All information in these advisories are subject to change without any
  advanced notices neither mutual consensus, and each of them is released
  as it is. LAC Co.,Ltd. is not responsible for any risks of occurrences
  caused by applying those information. 

------------------------------------------------------------------
Secure Net Service(SNS) Security Advisory <snsadv () lac co jp>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/