Symantec Products CAB Files Memory Corruption Vulnerability

Summary
This host is installed with Symantec Product and is prone to memory corruption vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code or can cause a denial of service via a crafted CAB file. Impact Level: System/Application
Solution
Upgrade to Symantec Endpoint Protection (SEP) version 12.1 or later For updates refer to http://www.symantec.com/business/support/index?page=content&id=TECH163602 ***** NOTE: Ignore this warning if patch or mentioned workaround is applied already. For patch or workaround refer to http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121107_00 *****
Insight
The decomposer engine in Symantec Products fails to perform bounds checking when parsing files from CAB archives.
Affected
Symantec Endpoint Protection (SEP) version 11.x Symantec Endpoint Protection Small Business Edition version 12.0.x Symantec AntiVirus Corporate Edition (SAVCE) version 10.x
References