Denial of service in Symantec Web Gateway - CVE-2016-5309
Published: September 21, 2016
Vulnerability identifier: #VU572
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-5309
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Broadcom
Affected software:
Symantec Web Gateway
Symantec Web Gateway
Detailed vulnerability description
The vulnerability allows a remote user to cause denial of service on the target application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.
How to mitigate CVE-2016-5309
Vendor offers automatical updating via LiveUpdate.