• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Symantec Security Check Virus Detection COM Object Denial Of Service Vulnerability

Severity: MODERATE

Description:

Symantec Virus Detection is a web-based service that detects viruses and trojan horses. It is a freely available service that can be run via Microsoft Internet Explorer, Netscape Communicator or Apple Safari web browsers. The Symantec.SymVAFileQuery.1 is a COM object used by the service that is installed on a system only when the user of that system navigates to the Symantec Virus Detection site and initiates virus detection.

It has been reported that the Symantec Virus Detection Symantec.SymVAFileQuery.1 COM object is prone to a denial of service vulnerability. When the object is invoked with excessive data, the browser will crash.

The problem is reported to present itself when a malicious script invokes the offending COM object and provides sufficient parameters to the method 'GetPrivateProfileString()' to trigger this issue. The offending method operates on two string parameters. A string of excessive length, reportedly 7400000 characters, may trigger a crash in the web client that the object has been invoked through.

Successful exploitation would immediately produce a denial of service condition in the affected browser. Although initially reported as a buffer overflow, this issue does not appear to present any threat of remote code execution.

It should be noted that the vulnerable object may not be invoked from scripts outside of the Symantec domain, however, vulnerabilities that permit malicious content to be executed in the context of the domain (such as HTML injection or cross-site scripting vulnerabilities as well as web browser security model issues) may still permit exploitation of this issue.

Affected Products:

• Symantec Security Check 0.0.0Virus Detection

References:

• "Rafel Ivgi, The-Insider" <theinsider@012.net.il>: Symantec Virus Detection(Free ActiveX)
• Symantec: Security Check

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.