Vigil@nce: Symantec, Norton AV, denial of service
August 2009 by Vigil@nce
An attacker can send a malicious email in order to prevent the
victim from reading his other emails.
Severity: 1/4
Consequences: denial of service
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 28/08/2009
IMPACTED PRODUCTS
– Symantec Antivirus
– Symantec Norton AntiVirus
– Symantec Norton Internet Security
DESCRIPTION OF THE VULNERABILITY
The Norton AntiVirus, Norton Internet Security, Symantec AntiVirus
Corporate Edition and Symantec Client Security products use the
Internet Email Scanning feature to scan emails when they are
downloaded from the mail server.
However, a malicious email triggers an infinite loop in the
analysis engine, and interrupts the session with the mail server.
The victim then cannot download his emails.
An attacker can therefore send a malicious email in order to
prevent the victim from reading his other emails.
CHARACTERISTICS
Identifiers: BID-34670, SYM09-012, VIGILANCE-VUL-8982
http://vigilance.fr/vulnerability/Symantec-Norton-AV-denial-of-service-8982