Intrusion Prevention

Symantec.MIME.Messages.Parsing.Heap.Overflow

Description

This indicates an attack attempt against a Heap overflow vulnerability in multiple Symantec products.
The vulnerability is caused by an error when the vulnerable software handles a crafted MIME context. It allows a remote attacker to execute arbitrary code via a crafted mail.

Affected Products

Symantec Data Center Security:Server (SDCS:S) 6.0, 6.0MP1, 6.5, 6.5MP1, 6.6, 6.6MP1
Symantec Web Security .Cloud
Email Security Server .Cloud (ESS)
Symantec Web Gateway 12.1.6 MP4 and prior
Symantec Endpoint Protection (SEP) 12.1.6 MP4 and prior
Symantec Endpoint Protection for Mac (SEP for Mac) 12.1.6 MP4 and prior
Symantec Endpoint Protection for Linux (SEP for Linux) 12.1.6 MP4 and prior
Symantec Protection Engine (SPE) 7.8.0 and prior
Symantec Protection for SharePoint Servers (SPSS) 6.0.6 and prior
Symantec Mail Security for Microsoft Exchange (SMSMSE) 7.5.4 and prior
Symantec Mail Security for Domino (SMSDOM) 8.1.3 and prior
CSAPI 10.0.4 and prior
Symantec Message Gateway (SMG) SMG 10.6.1-3 and prior
Symantec Message Gateway for Service Providers (SMG-SP) 10.5 and 10.6
Norton AntiVirus prior to NGC 22.7
Norton Security prior to NGC 22.7
Norton Security with Backup prior to NGC 22.7
Norton Internet Security prior to NGC 22.7
Norton 360 prior to NGC 22.7
Norton Security for Mac prior to 13.0.2
Norton Power Eraser (NPE) prior to 5.1
Norton Bootable Removal Tool (NBRT) prior to 2016.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2016-3644