Symantec Antivirus Engine 20126.96.36.199 Malformed PE Header Parser Memory Access Violation (SYM16-008)
High Nessus Plugin ID 91261
SynopsisAn antivirus application installed on the remote host is affected by a remote code execution vulnerability.
DescriptionThe version of Symantec Antivirus Engine (AVE) installed on the remote host is 20188.8.131.52. It is, therefore, affected by a remote code execution vulnerability due to improper parsing of malformed portable-executable (PE) header files and executables packed with early versions of Aspack. A remote attacker can exploit this by convincing a user to download and scan a document or application containing specially crafted PE header files, resulting in the execution of arbitrary code.
SolutionUpgrade to Symantec Antivirus Engine 20184.108.40.206 or later.