#VU570 Denial of service in Broadcom products - CVE-2016-5309
Published: September 21, 2016 / Updated: September 14, 2018
Vulnerability identifier: #VU570
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2016-5309
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vulnerable software:
Symantec Mail Security
Symantec Mail Security for Domino (SMSDOM)
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Symantec Mail Security
Symantec Mail Security for Domino (SMSDOM)
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Software vendor:
Broadcom
Broadcom
Description
The vulnerability allows a remote user to cause denial of service on the target application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.
Remediation
Update Symantec Mail Security for Domino to 8.1.3.
Update Symantec Mail Security for Microsoft Exchange to 7.5.4.
Update Symantec Mail Security for Microsoft Exchange to 7.5.4.