This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
An email security application running on the remote Windows host is
affected by a remote code execution vulnerability.
The version of Symantec Mail Security for SMTP running on the remote
host is affected by an integer overflow condition when parsing a
Shared String Table (SST) record inside of an Excel file. One of the
fields in the SST is a 32-bit integer used to specify the size of a
dynamic memory allocation. This integer is not validated, which can
result in a heap-based buffer overflow condition. A remote attacker
can exploit this by tricking a user into viewing an email with a
specially crafted Excel file, resulting in the execution of arbitrary
code as SYSTEM.
See also :
Apply patch level 205.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true