Symantec Mail Security for SMTP KeyView Excel SST Parsing RCE
Severity: High
Nessus Plugin ID: 40871
Synopsis
An email security application running on the remote Windows host is affected by a remote code execution vulnerability.
Description
The version of Symantec Mail Security for SMTP running on the remote host is affected by an integer overflow condition when parsing a Shared String Table (SST) record inside of an Excel file. One of the fields in the SST is a 32-bit integer used to specify the size of a dynamic memory allocation. This integer is not validated, which can result in a heap-based buffer overflow condition. A remote attacker can exploit this by tricking a user into viewing an email with a specially crafted Excel file, resulting in the execution of arbitrary code as SYSTEM.
Solution
Apply patch level 205.
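As an added illustration of the defect class described above (not code from Symantec, KeyView or the Nessus plugin), the following C parser reads a constructed SST-like record and validates the 32-bit count field against both a policy cap and the bytes actually present before anything is allocated. The record layout, the MAX_SST_STRINGS cap, the sample records and the function names are assumptions made for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Constructed record layout (an assumption, not the real BIFF SST format or
 * KeyView's parser): a 4-byte little-endian string count, then that many
 * strings, each a 2-byte little-endian length followed by that many bytes. */

/* Policy cap (assumption): keeps count * sizeof(char *) far below SIZE_MAX
 * on every platform and bounds memory use regardless of what the file says. */
#define MAX_SST_STRINGS (1u << 20)

typedef struct { char **items; uint32_t count; } sst_table;

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static uint16_t rd_le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Returns 0 on success; a negative code names the check that rejected the
 * input. The count field is never trusted: the record length is the only
 * quantity that bounds allocation and copying. */
int sst_parse(const uint8_t *buf, size_t len, sst_table *out)
{
    if (len < 4) return -1;                       /* no room for the count */
    uint32_t count = rd_le32(buf);
    if (count > MAX_SST_STRINGS) return -2;       /* absurd count: reject */
    if ((size_t)count > (len - 4) / 2) return -3; /* more strings than bytes */

    char **items = calloc(count, sizeof *items);
    if (items == NULL && count != 0) return -4;

    size_t off = 4;
    for (uint32_t i = 0; i < count; i++) {
        if (len - off < 2) goto fail;             /* truncated length prefix */
        uint16_t slen = rd_le16(buf + off);
        off += 2;
        if (len - off < slen) goto fail;          /* body runs past the record */
        items[i] = malloc((size_t)slen + 1);
        if (items[i] == NULL) goto fail;
        memcpy(items[i], buf + off, slen);
        items[i][slen] = '\0';
        off += slen;
    }
    out->items = items;
    out->count = count;
    return 0;
fail:
    for (uint32_t i = 0; i < count; i++) free(items[i]);
    free(items);
    return -5;
}

void sst_free(sst_table *t)
{
    for (uint32_t i = 0; i < t->count; i++) free(t->items[i]);
    free(t->items);
    t->items = NULL;
    t->count = 0;
}

/* Constructed sample records. */
static const uint8_t rec_ok[] = { 0x02, 0x00, 0x00, 0x00,        /* count = 2 */
    0x02, 0x00, 'a', 'b', 0x03, 0x00, 'c', 'd', 'e' };           /* "ab", "cde" */
/* Count claims 0xFFFFFFFF strings with four bytes behind it: the shape an
 * unvalidated size field would hand straight to the allocator. */
static const uint8_t rec_huge_count[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0x02, 0x00, 'a', 'b' };
/* Plausible count, but the second string's length prefix overruns the record. */
static const uint8_t rec_overrun[] = { 0x02, 0x00, 0x00, 0x00,
    0x01, 0x00, 'x', 0x40, 0x00, 'y' };

int parse_ok_count(void)          /* expected: 2 */
{
    sst_table t;
    if (sst_parse(rec_ok, sizeof rec_ok, &t) != 0) return -1;
    int n = (int)t.count;
    int match = strcmp(t.items[1], "cde") == 0;
    sst_free(&t);
    return match ? n : -1;
}
int parse_huge_count(void)        /* expected: -2 */
{
    sst_table t;
    return sst_parse(rec_huge_count, sizeof rec_huge_count, &t);
}
int parse_overrun(void)           /* expected: -5 */
{
    sst_table t;
    return sst_parse(rec_overrun, sizeof rec_overrun, &t);
}

int main(void)
{
    printf("ok: %d strings, huge count: %d, overrun: %d\n",
           parse_ok_count(), parse_huge_count(), parse_overrun());
    return 0;
}
```

The two rejected samples are the cases the advisory is about: a count field that a parser multiplies into an allocation size, and a per-string length that a parser copies without checking it against the remaining record. Rejecting both before allocating is what keeps a malformed Excel attachment from driving a heap overflow in a mail gateway that opens attachments as SYSTEM.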