On 4/28/2009 4:39 PM, ZDI Disclosures wrote:
an attacker can overflow that buffer leading
to arbitrary code execution in the context of the SYSTEM user.
-- Disclosure Timeline:
2007-09-14 - Vulnerability reported to vendor
2009-04-28 - Coordinated public release of advisory
WTF? What ever h
ZDI-09-018: Symantec Client Security Alert Originator Service Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-018
April 28, 2009
-- CVE ID:
CVE-2009-1430
-- Affected Vendors:
Symantec
-- Affected Products:
Symantec Client Security
-- TippingPoint(TM) IPS