Symantec Mail Security Attachment Parsing Vulnerabilities

Last Update Date: 28 Jan 2011
Release Date: 9 Apr 2008

RISK: Medium Risk

Multiple vulnerabilities have been identified in Symantec Mail Security for SMTP, Symantec Mail Security for Domino and Symantec Mail Security for Exchange, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused by various errors within the third-party Folio Flat File reader (foliosr.dll) and Applix Graphics reader (kpagrdr.dll) and can be exploited to cause buffer overflows when a specially crafted file is checked.

Successful exploitation allows execution of arbitrary code, but requires that, for example, a policy is set up for scanning the contents of messages.


Impact

  • Remote Code Execution

System / Technologies affected

  • Symantec Mail Security for SMTP 5.x
  • Symantec Mail Security for Domino 7.x
  • Symantec Mail Security for Microsoft Exchange 5.x

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Symantec Mail Security for SMTP 5.x
    - Update to version 5.0.1 with Patch 189.
  • Symantec Mail Security for Domino 7.x
    - Disable scanning of message content.
  • Symantec Mail Security for Microsoft Exchange 5.x
    - Disable scanning of message content.


Vulnerability Identifier


Source


Related Link