The SmartScan feature in the Auto-Protect module for Symantec Norton AntiVirus 2004 and 2005, as also used in Internet Security 2004/2005 and System Works 2004/2005, allows attackers to cause a denial of service (CPU consumption and system crash) by renaming a file on a network share.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Norton_antivirus | Symantec | 2.1 (including) | 2.1 (including) |
| Norton_antivirus | Symantec | 2005 (including) | 2005 (including) |
| Norton_internet_security | Symantec | 2004 (including) | 2004 (including) |
| Norton_internet_security | Symantec | 2005 (including) | 2005 (including) |
| Norton_system_works | Symantec | 2004_professional (including) | 2004_professional (including) |
| Norton_system_works | Symantec | 2005_premier (including) | 2005_premier (including) |
References
- http://secunia.com/advisories/14741
- http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html
- http://securitytracker.com/id?1013585
- http://securitytracker.com/id?1013586
- http://securitytracker.com/id?1013587
- http://www.kb.cert.org/vuls/id/713620
- http://www.securityfocus.com/bid/12924
- http://secunia.com/advisories/14741
- http://securityresponse.symantec.com/avcenter/security/Content/2005.03.28.html
- http://securitytracker.com/id?1013585
- http://securitytracker.com/id?1013586
- http://securitytracker.com/id?1013587
- http://www.kb.cert.org/vuls/id/713620
- http://www.securityfocus.com/bid/12924