Alex Wheeler has reported a vulnerability in Symantec Antivirus, which
potentially can be exploited by malicious people to compromise a vulnerable
system.

The vulnerability is caused due to a boundary error in Dec2Rar.dll when
copying data based on the length field in the sub-block headers of a RAR
archive. This can be exploited to cause a heap-based buffer overflow and may
allow arbitrary code execution when a malicious RAR archive is scanned.

The vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and
potentially affects all Symantec products that use the DLL.

Affected software listed here http://secunia.com/advisories/18131/

Symantec has not yet released a patch to address this problem. In the
meantime, Wheeler recommends that users "disable scanning of RAR-compressed
files until the vulnerable code is fixed."

On Wed, 21 Dec 2005 11:34:16 -0800, Evan Platt
<evan@theobvious.espphotography.com> wrote:

Like Kaspersky, which is the best and prolly cost no more than
Symantec.
--
"Politicians are like diapers. They should both be changed frequently
and for the same reason."

joevan <joevanudity@joevanudity.com> wrote:

"Evan Platt" <evan@theobvious.espphotography.com> wrote in message
news:2hbjq15nt9ibkebsf25vkn8ba632rbn29s@4ax.com...
*Anything* else??

Common sense is a good starting point!

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's

Tony wrote:
All anti-virus programs have niggles. This is NOT new news.




--
http://www.bootdisk.com/

"Plato" <|@|.|> wrote in message
news:43aa4d14$1$33425$bb4e3ad8@newscene.com...
vulnerability that has just been announced so this is "new news". I posted
it to inform people who may wish to know and might have an issue if they
download RAR files. If you don't want to know then move on and don't read
the post.