Vulnerability identifier: #VU570

Vulnerability risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2016-5309

CWE-ID: CWE-284

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Symantec Mail Security
Server applications / IDS/IPS systems, Firewalls and proxy servers
Symantec Mail Security for Domino (SMSDOM)
Server applications / IDS/IPS systems, Firewalls and proxy servers
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Server applications / IDS/IPS systems, Firewalls and proxy servers

Vendor: Broadcom

Description
The vulnerability allows a remote user to cause denial of service on the target application.
The weakness exists due to out-of-bounds memory read error. By using specially crafted RAR file attacker can cause denial of the application service.
Successful exploitation of the vulnerability resuslts in denial of service on the vulnerable application.

Mitigation
Update Symantec Mail Security for Domino to 8.1.3.
Update Symantec Mail Security for Microsoft Exchange to 7.5.4.

Vulnerable software versions

Symantec Mail Security: 4.0 - 8.0.2

Symantec Mail Security for Domino (SMSDOM): 8.0.9

Symantec Mail Security for Microsoft Exchange (SMSMSE): 6.5.8 - 7.0.4

---

External links
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=sec...

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.