Symantec Client Security and Symantec AntiVirus Elevation of Privilege

Heres a nasty little problem with Symantec Antivirus Corperate Edition, in theroy if you don’t patch the antivirus itself can be exploited to run apps on your system.

Symantec was notified that Symantec Client Security and Symantec AntiVirus Corporate Edition are susceptible to a potential stack overflow. Exploiting this overflow successfully could potentially cause a system crash, or allow a remote or local attacker to execute arbitrary code with System level rights on the affected system.

Whats interesting is if you have a firewall enabled it shouldn’t be able to get though unless you open the remote administration port (TCP 2967)

SYM06-010 – Symantec Client Security and Symantec AntiVirus Elevation of Privilege