Denial of service in Symantec Endpoint Protection



Published: 2016-09-21 | Updated: 2018-09-14
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2016-5309
CWE-ID CWE-284
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe 		Symantec Endpoint Protection
Client/Desktop applications / Antivirus software/Personal firewalls

Vendor Broadcom

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Denial of service

EUVDB-ID: #VU575

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-5309

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: Yes

Description

The vulnerability allows a remote user to cause denial of service on the target application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.

Mitigation

Update to 12.1.6 MP5.

Vulnerable software versions

: 11 - 15.0.5

External links

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=sec...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###