Symantec Ghost Solutions Suite Backup File Memory Corruption Vulnerability
The information has been provided by Jeremy Brown.
The original article can be found at: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121010_00
* Symantec Ghost Solutions Suite (SGSS) 2.1 and prior
The issue arises when the application handles specially crafted files. Successful exploits may allow the attacker to execute arbitrary code in the context of application. Failed exploit attempts will likely result in denial-of-service conditions.
A vulnerability has been reported in Symantec Ghost Solution Suite, which can be exploited by malicious users to potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error when parsing backup files and can be exploited to corrupt memory via a specially crafted backup file placed in the appropriate path on the system. Successful exploitation may allow execution of arbitrary code
Published: Oct 10 2012 12:00AM
Updated: Oct 11 2012 07:00AM