---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. ---------------------------------------------------------------------- TITLE: Symantec Products Real-Time Scanner Notification Window Privilege Escalation SECUNIA ADVISORY ID: SA26054 VERIFY ADVISORY: http://secunia.com/advisories/26054/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Symantec AntiVirus Corporate Edition 9.x http://secunia.com/product/3549/ Symantec AntiVirus Corporate Edition 10.x http://secunia.com/product/5555/ Symantec Client Security 2.x http://secunia.com/product/3478/ Symantec Client Security 3.x http://secunia.com/product/6649/ DESCRIPTION: A vulnerability has been reported in some Symantec products, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the Real-Time scanner (RTVScan) component when displaying a notification window containing information on threats found on a system. This can be exploited to execute arbitrary code with SYSTEM privileges. The vulnerability is reported in the following products and versions: * Symantec AntiVirus Corporate Edition versions 9.0, 10.0 and 10.1 * Symantec Client Security versions 2.0, 3.0, and 2.1 SOLUTION: Apply updates. http://www.symantec.com/enterprise/support/all_products.jsp Symantec AntiVirus Corporate Edition 9.0: SAV 9.0.6 MR6 MP1- build 1100 or later Symantec AntiVirus Corporate Edition 10.0/10.1: 10.1.4 MR4 MP1- build 4010 or later Symantec Client Security 2.0: SCS 2.0.6 MR6 MP1 - build 1100 or later Symantec Client Security 3.0/3.1: SCS 3.1.4 MR4 MP1 - build 4010 or later PROVIDED AND/OR DISCOVERED BY: The vendor credits Ali Rhabar, Sysdream. ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11c.html ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------