Isamu Noguchi has reported two vulnerabilities in Symantec Norton AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An unspecified error in the Auto-Protect module during scan of specific file types can be exploited to cause the system to hang or crash.
2) An error in the SmartScan feature in Auto-Protect, when a file located on a network share is renamed, it can be exploited to consume a large amount of CPU resources or cause a system crash.
The following products are affected:
* Symantec Norton AntiVirus 2004
* Symantec Norton Internet Security 2004 (Professional)
* Symantec Norton SystemWorks 2004 (Professional)
* Symantec Norton AntiVirus 2005
* Symantec Norton Internet Security 2005
* Symantec Norton SystemWorks 2005 (Premier)
Release Date: 2005-03-29
Critical: Less critical
Where: From remote
Solution Status: Vendor Patch
Solution: The vendor has issued a fix, which is available via LiveUpdate.