Symantec fixes flaws in Norton, pcAnywhere

By Bill Brenner, Senior News Writer 10 May 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

The Cupertino, Calif.-based antivirus giant said a flaw in an ActiveX control used by Norton AntiVirus could potentially be exploited by a malicious Web site. An attacker could exploit the flaw to execute code remotely, the vendor said in an advisory.

A design error in NAVOPTS.DLL, the ActiveX control used in Norton AntiVirus, could potentially allow an attacker to crash the control if the user visits a malicious Web site. It "could then allow the attacker to access other Symantec ActiveX controls, even if they are not marked safe for scripting, possibly leading to remote arbitrary code execution in the context of the user's browser," the company added.

The flaw can only be exploited if an attacker tricks the user into visiting a malicious Web site.

"This type of attack is most commonly achieved through sending email containing a link to the malicious site, and persuading the recipient to click on the link," Symantec said.

Symantec has released a fix through its LiveUpdate program.

And though it's no longer a supported version, Symantec said it is preparing a fix for pcAnywhere version 11.5.0. The fix would be made available with no support available, Symantec said, adding that users who want full product support should upgrade to the latest version.

The problem with this version is that a remote user's connection credentials are stored in clear text within the Symantec pcAnywhere host server's process memory when a remote session is requested.

"The credentials of a remote user requesting a session connection can be compromised if a user with administration rights on the host machine utilizes tools to dump the process memory," Symantec said.

Tags: Security Patch Management,  Email and Messaging Threats (spam, phishing, instant messaging),  Web Server Threats and Countermeasures,  Web Application and Web 2.0 Threats,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Security Patch Management Adobe fixes critical Shockwave Flash Player flaw Mozilla patches 11 Firefox security flaws, JavaScript errors Microsoft patches WebDAV security vulnerability in bevy of updates Adobe issues first quarterly patch release fixing 13 flaws Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities Adobe shifts to Microsoft patching process, incident response plan Software delivery could fix software patching issues Microsoft updates Office to address serious PowerPoint vulnerabilities Microsoft to patch critical PowerPoint zero-day flaw Firefox update addresses several security flaws Email and Messaging Threats (spam, phishing, instant messaging) Unified communications: Securing a converged infrastructure Chained Exploits: How to prevent phishing attacks from corporate spies 3FN.net ISP shutdown interrupts spam campaigns Swine flu outbreak results in spam pandemic What does 'invoked by uid 78' mean? Economy fuels malware, spam Internet Explorer 8 includes a bevy of security features Adobe JBIG2 exploits being spammed, IBM warns Fierce competition prompted new Cisco email security options Cisco brings email security appliances closer to SaaS Email and Messaging Threats (spam, phishing, instant messaging) Research Web Server Threats and Countermeasures Stolen FTP credentials likely in massive website attacks Microsoft warns of IIS zero-day vulnerability How to find and stop automated SQL injection attacks How to spot attacks through Apache Web server log analysis Symantec acquires Mi5 Networks, bolsters Web security How to harden Linux operating systems How to clear out anonymous Web proxy servers in the workplace Information security book excerpts and reviews Is it more secure to have a mainframe or a collection of servers? How does a Web server model differ from an application server model?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary attack vector  (SearchSecurity.com) back door  (SearchSecurity.com) ethical worm  (SearchSecurity.com) Patch Tuesday  (SearchSecurity.com) zero-day exploit  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary