Main
Vulnerability Database
Exploits
ID:364 - Exploit for Heap-based buffer overflow in Broadcom products - CVE-2016-3644
ID:364 - Exploit for Heap-based buffer overflow in Broadcom products - CVE-2016-3644
Published: March 18, 2020
Vulnerability identifier: #VU66
Vulnerability risk: High
CVE-ID: CVE-2016-3644
CWE-ID: CWE-122
Exploitation vector: Remote access
Vulnerable software:
Symantec Scan Engine
Symantec Protection for SharePoint Servers (SPSS)
Symantec Mail Security for Domino (SMSDOM)
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Symantec Protection Engine (SPE)
Symantec Data Center Security:Server (SDCS:S)
Symantec Scan Engine
Symantec Protection for SharePoint Servers (SPSS)
Symantec Mail Security for Domino (SMSDOM)
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Symantec Protection Engine (SPE)
Symantec Data Center Security:Server (SDCS:S)
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to cause heap overflow.
The vulnerability exists due to an error when Symantec attempts to clean or remove components from archives which are detected as malicious ones. The heap overflow occurs because Symantec assumes that filenames cannot be longer than 77 characters, which isn't correct.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
The vulnerability exists due to an error when Symantec attempts to clean or remove components from archives which are detected as malicious ones. The heap overflow occurs because Symantec assumes that filenames cannot be longer than 77 characters, which isn't correct.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Updates to resolve these issues can be installed using product update functionality. Users of Symantec Endpoint Protection (SEP), Symantec Protection Engine (SPE), Symantec Protection for SharePoint Servers (SPSS), Symantec Mail Security for Microsoft Exchange (SMSMSE) and Symantec Mail Security for Domino (SMSDOM) should apply custom patches. For more information, please refer to vendors advisory, specified in External links section.