An independent security researcher on Tuesday flagged an unpatched flaw in the Symantec AntiVirus Library and warned that attackers could exploit the bug to execute arbitrary code when a malicious RAR archive is scanned.
In a published advisory, here in PDF form, researcher Alex Wheeler said the vulnerability is the result of unchecked 16-bit length fields in RAR sub-block header types.
An attacker may craft a sub-block header to overwrite heap memory with user controlled file data to execute arbitrary code. Successful attack will yield system/root-level privileges and is available through e-mail without user interaction, Wheeler said.
The RAR file format is widely used for data compression and archiving and is popular among users looking to compress very large music and video files.
read more
Linear Mode
