CVE-2007-3699 (CNNVD-200710-086)

CRITICAL
中文标题:
Symantec AntiVirus畸形RAR文件解压堆溢出及拒绝服务漏洞
英文标题:
The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of ...
CVSS分数: 9.3
发布时间: 2007-10-05 21:00:00
漏洞类型: 授权问题
状态: PUBLISHED
数据质量分数: 0.30
数据版本: v3
漏洞描述
中文描述:

Symantec AntiVirus是非常流行的杀毒解决方案。 Symantec AntiVirus没有正确地处理RAR文件头中的伪造PACK_SIZE字段;如果将该字段设置为特定值的话,则扫描器在处理该文件时就可能触发死循环,导致拒绝服务。

英文描述:

The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.

CWE类型:
(暂无数据)
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
symantec antivirus_scan_engine 4.0 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.0:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.1 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.1:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.1.8 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.1.8:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.3 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.3:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.3.3 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.3.3:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.3.7.27 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.3.7.27:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.3.8.29 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.3.8.29:*:*:*:*:*:*:*
symantec antivirus_scan_engine 4.3.12 - - cpe:2.3:a:symantec:antivirus_scan_engine:4.3.12:*:*:*:*:*:*:*
symantec antivirus_scan_engine 5.0 - - cpe:2.3:a:symantec:antivirus_scan_engine:5.0:*:*:*:*:*:*:*
symantec antivirus_scan_engine 5.0.1 - - cpe:2.3:a:symantec:antivirus_scan_engine:5.0.1:*:*:*:*:*:*:*
symantec brightmail_antispam 4.0 - - cpe:2.3:a:symantec:brightmail_antispam:4.0:*:*:*:*:*:*:*
symantec brightmail_antispam 5.5 - - cpe:2.3:a:symantec:brightmail_antispam:5.5:*:*:*:*:*:*:*
symantec brightmail_antispam 6.0 - - cpe:2.3:a:symantec:brightmail_antispam:6.0:*:*:*:*:*:*:*
symantec brightmail_antispam 6.0.1 - - cpe:2.3:a:symantec:brightmail_antispam:6.0.1:*:*:*:*:*:*:*
symantec brightmail_antispam 6.0.2 - - cpe:2.3:a:symantec:brightmail_antispam:6.0.2:*:*:*:*:*:*:*
symantec brightmail_antispam 6.0.3 - - cpe:2.3:a:symantec:brightmail_antispam:6.0.3:*:*:*:*:*:*:*
symantec brightmail_antispam 6.0.4 - - cpe:2.3:a:symantec:brightmail_antispam:6.0.4:*:*:*:*:*:*:*
symantec client_security 2.0 - - cpe:2.3:a:symantec:client_security:2.0:*:*:*:*:*:*:*
symantec client_security 2.0.1_build_9.0.1.1000 - - cpe:2.3:a:symantec:client_security:2.0.1_build_9.0.1.1000:mr1:*:*:*:*:*:*
symantec client_security 2.0.2_build_9.0.2.1000 - - cpe:2.3:a:symantec:client_security:2.0.2_build_9.0.2.1000:mr2:*:*:*:*:*:*
symantec client_security 2.0.3_build_9.0.3.1000 - - cpe:2.3:a:symantec:client_security:2.0.3_build_9.0.3.1000:mr3:*:*:*:*:*:*
symantec client_security 2.0.4 - - cpe:2.3:a:symantec:client_security:2.0.4:*:*:*:*:*:*:*
symantec client_security 2.0.5_build_1100_mp1 - - cpe:2.3:a:symantec:client_security:2.0.5_build_1100_mp1:mr5:*:*:*:*:*:*
symantec client_security 2.0.6 - - cpe:2.3:a:symantec:client_security:2.0.6:mr6:*:*:*:*:*:*
symantec client_security 3.0 - - cpe:2.3:a:symantec:client_security:3.0:*:*:*:*:*:*:*
symantec client_security 3.0.0.359 - - cpe:2.3:a:symantec:client_security:3.0.0.359:*:*:*:*:*:*:*
symantec client_security 3.0.1.1000 - - cpe:2.3:a:symantec:client_security:3.0.1.1000:*:*:*:*:*:*:*
symantec client_security 3.0.1.1001 - - cpe:2.3:a:symantec:client_security:3.0.1.1001:*:*:*:*:*:*:*
symantec client_security 3.0.1.1007 - - cpe:2.3:a:symantec:client_security:3.0.1.1007:*:*:*:*:*:*:*
symantec client_security 3.0.1.1008 - - cpe:2.3:a:symantec:client_security:3.0.1.1008:*:*:*:*:*:*:*
symantec client_security 3.0.2.2000 - - cpe:2.3:a:symantec:client_security:3.0.2.2000:*:*:*:*:*:*:*
symantec client_security 3.0.2.2001 - - cpe:2.3:a:symantec:client_security:3.0.2.2001:*:*:*:*:*:*:*
symantec client_security 3.0.2.2002 - - cpe:2.3:a:symantec:client_security:3.0.2.2002:*:*:*:*:*:*:*
symantec client_security 3.0.2.2010 - - cpe:2.3:a:symantec:client_security:3.0.2.2010:*:*:*:*:*:*:*
symantec client_security 3.0.2.2011 - - cpe:2.3:a:symantec:client_security:3.0.2.2011:*:*:*:*:*:*:*
symantec client_security 3.0.2.2020 - - cpe:2.3:a:symantec:client_security:3.0.2.2020:*:*:*:*:*:*:*
symantec client_security 3.0.2.2021 - - cpe:2.3:a:symantec:client_security:3.0.2.2021:*:*:*:*:*:*:*
symantec client_security 3.1 - - cpe:2.3:a:symantec:client_security:3.1:*:*:*:*:*:*:*
symantec client_security 3.1.394 - - cpe:2.3:a:symantec:client_security:3.1.394:*:*:*:*:*:*:*
symantec client_security 3.1.396 - - cpe:2.3:a:symantec:client_security:3.1.396:*:*:*:*:*:*:*
symantec client_security 3.1.400 - - cpe:2.3:a:symantec:client_security:3.1.400:*:*:*:*:*:*:*
symantec client_security 3.1.401 - - cpe:2.3:a:symantec:client_security:3.1.401:*:*:*:*:*:*:*
symantec mail_security 4.0 - - cpe:2.3:a:symantec:mail_security:4.0:*:domino:*:*:*:*:*
symantec mail_security 4.0.1 - - cpe:2.3:a:symantec:mail_security:4.0.1:*:domino:*:*:*:*:*
symantec mail_security 4.1 - - cpe:2.3:a:symantec:mail_security:4.1:build458:microsoft_exchange:*:*:*:*:*
symantec mail_security 4.5 - - cpe:2.3:a:symantec:mail_security:4.5:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 4.5.4.743 - - cpe:2.3:a:symantec:mail_security:4.5.4.743:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 4.5_build_719 - - cpe:2.3:a:symantec:mail_security:4.5_build_719:*:exchange:*:*:*:*:*
symantec mail_security 4.5_build_736 - - cpe:2.3:a:symantec:mail_security:4.5_build_736:*:exchange:*:*:*:*:*
symantec mail_security 4.5_build_741 - - cpe:2.3:a:symantec:mail_security:4.5_build_741:*:exchange:*:*:*:*:*
symantec mail_security 4.6.1.107 - - cpe:2.3:a:symantec:mail_security:4.6.1.107:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 4.6.3 - - cpe:2.3:a:symantec:mail_security:4.6.3:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 4.6_build_97 - - cpe:2.3:a:symantec:mail_security:4.6_build_97:*:exchange:*:*:*:*:*
symantec mail_security 5.0 - - cpe:2.3:a:symantec:mail_security:5.0:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 5.0.0.204 - - cpe:2.3:a:symantec:mail_security:5.0.0.204:*:microsoft_exchange:*:*:*:*:*
symantec mail_security 5.0.1 - - cpe:2.3:a:symantec:mail_security:5.0.1:*:smtp:*:*:*:*:*
symantec mail_security 5.1.0 - - cpe:2.3:a:symantec:mail_security:5.1.0:*:domino:*:*:*:*:*
symantec mail_security 6.0.0 - - cpe:2.3:a:symantec:mail_security:6.0.0:*:microsoft_exchange:*:*:*:*:*
symantec norton_antivirus * - - cpe:2.3:a:symantec:norton_antivirus:*:*:corporate_edition_for_linux:*:*:*:*:*
symantec norton_antivirus 9.0 - - cpe:2.3:a:symantec:norton_antivirus:9.0:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.0 - - cpe:2.3:a:symantec:norton_antivirus:9.0.0:*:macintosh:*:*:*:*:*
symantec norton_antivirus 9.0.0.338 - - cpe:2.3:a:symantec:norton_antivirus:9.0.0.338:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.1 - - cpe:2.3:a:symantec:norton_antivirus:9.0.1:*:macintosh:*:*:*:*:*
symantec norton_antivirus 9.0.1.1.1000 - - cpe:2.3:a:symantec:norton_antivirus:9.0.1.1.1000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.2 - - cpe:2.3:a:symantec:norton_antivirus:9.0.2:*:macintosh:*:*:*:*:*
symantec norton_antivirus 9.0.2.1000 - - cpe:2.3:a:symantec:norton_antivirus:9.0.2.1000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.3 - - cpe:2.3:a:symantec:norton_antivirus:9.0.3:*:macintosh:*:*:*:*:*
symantec norton_antivirus 9.0.3.1000 - - cpe:2.3:a:symantec:norton_antivirus:9.0.3.1000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.4 - - cpe:2.3:a:symantec:norton_antivirus:9.0.4:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.5 - - cpe:2.3:a:symantec:norton_antivirus:9.0.5:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.5.1100 - - cpe:2.3:a:symantec:norton_antivirus:9.0.5.1100:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 9.0.6.1000 - - cpe:2.3:a:symantec:norton_antivirus:9.0.6.1000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0 - - cpe:2.3:a:symantec:norton_antivirus:10.0:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.0 - - cpe:2.3:a:symantec:norton_antivirus:10.0.0:*:macintosh:*:*:*:*:*
symantec norton_antivirus 10.0.0.359 - - cpe:2.3:a:symantec:norton_antivirus:10.0.0.359:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.1 - - cpe:2.3:a:symantec:norton_antivirus:10.0.1:*:macintosh:*:*:*:*:*
symantec norton_antivirus 10.0.1.1000 - - cpe:2.3:a:symantec:norton_antivirus:10.0.1.1000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.1.1007 - - cpe:2.3:a:symantec:norton_antivirus:10.0.1.1007:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.1.1008 - - cpe:2.3:a:symantec:norton_antivirus:10.0.1.1008:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2000 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2000:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2001 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2001:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2002 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2002:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2010 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2010:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2011 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2011:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2020 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2020:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.0.2.2021 - - cpe:2.3:a:symantec:norton_antivirus:10.0.2.2021:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1 - - cpe:2.3:a:symantec:norton_antivirus:10.1:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.4 - - cpe:2.3:a:symantec:norton_antivirus:10.1.4:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.4.4010 - - cpe:2.3:a:symantec:norton_antivirus:10.1.4.4010:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.394 - - cpe:2.3:a:symantec:norton_antivirus:10.1.394:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.396 - - cpe:2.3:a:symantec:norton_antivirus:10.1.396:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.400 - - cpe:2.3:a:symantec:norton_antivirus:10.1.400:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.1.401 - - cpe:2.3:a:symantec:norton_antivirus:10.1.401:*:corporate_edition:*:*:*:*:*
symantec norton_antivirus 10.9.1 - - cpe:2.3:a:symantec:norton_antivirus:10.9.1:*:macintosh:*:*:*:*:*
symantec norton_antivirus 2004 - - cpe:2.3:a:symantec:norton_antivirus:2004:*:*:*:*:*:*:*
symantec norton_antivirus 2005 - - cpe:2.3:a:symantec:norton_antivirus:2005:*:*:*:*:*:*:*
symantec norton_antivirus 2006 - - cpe:2.3:a:symantec:norton_antivirus:2006:*:*:*:*:*:*:*
symantec norton_internet_security 3.0 - - cpe:2.3:a:symantec:norton_internet_security:3.0:*:macintosh:*:*:*:*:*
symantec norton_internet_security 2004 - - cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:*
symantec norton_internet_security 2005 - - cpe:2.3:a:symantec:norton_internet_security:2005:*:*:*:*:*:*:*
symantec norton_internet_security 2006 - - cpe:2.3:a:symantec:norton_internet_security:2006:*:*:*:*:*:*:*
symantec norton_personal_firewall 2006 - - cpe:2.3:a:symantec:norton_personal_firewall:2006:*:*:*:*:*:*:*
symantec norton_personal_firewall 2006_9.1.0.33 - - cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.0.33:*:*:*:*:*:*:*
symantec norton_personal_firewall 2006_9.1.1.7 - - cpe:2.3:a:symantec:norton_personal_firewall:2006_9.1.1.7:*:*:*:*:*:*:*
symantec norton_system_works 3.0 - - cpe:2.3:a:symantec:norton_system_works:3.0:*:macintosh:*:*:*:*:*
symantec norton_system_works 2004 - - cpe:2.3:a:symantec:norton_system_works:2004:*:*:*:*:*:*:*
symantec norton_system_works 2005 - - cpe:2.3:a:symantec:norton_system_works:2005:*:*:*:*:*:*:*
symantec norton_system_works 2006 - - cpe:2.3:a:symantec:norton_system_works:2006:*:*:*:*:*:*:*
symantec symantec_antivirus_filtering_\+for_domino 3.0.12 - - cpe:2.3:a:symantec:symantec_antivirus_filtering_\+for_domino:3.0.12:*:*:*:*:*:*:*
symantec web_security 2.5 - - cpe:2.3:a:symantec:web_security:2.5:*:*:*:*:*:*:*
symantec web_security 3.0 - - cpe:2.3:a:symantec:web_security:3.0:*:*:*:*:*:*:*
symantec web_security 3.0.1 - - cpe:2.3:a:symantec:web_security:3.0.1:*:*:*:*:*:*:*
symantec web_security 3.0.1.70 - - cpe:2.3:a:symantec:web_security:3.0.1.70:*:*:*:*:*:*:*
symantec web_security 3.0.1.76 - - cpe:2.3:a:symantec:web_security:3.0.1.76:*:*:*:*:*:*:*
symantec web_security 3.0.1_build_3.01.70 - - cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.70:*:*:*:*:*:*:*
symantec web_security 3.0.1_build_3.01.72 - - cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.72:*:*:*:*:*:*:*
symantec web_security 3.0.1_build_3.01.74 - - cpe:2.3:a:symantec:web_security:3.0.1_build_3.01.74:*:*:*:*:*:*:*
symantec web_security 3.01.59 - - cpe:2.3:a:symantec:web_security:3.01.59:*:*:*:*:*:*:*
symantec web_security 3.01.60 - - cpe:2.3:a:symantec:web_security:3.01.60:*:*:*:*:*:*:*
symantec web_security 3.01.61 - - cpe:2.3:a:symantec:web_security:3.01.61:*:*:*:*:*:*:*
symantec web_security 3.01.62 - - cpe:2.3:a:symantec:web_security:3.01.62:*:*:*:*:*:*:*
symantec web_security 3.01.63 - - cpe:2.3:a:symantec:web_security:3.01.63:*:*:*:*:*:*:*
symantec web_security 3.01.67 - - cpe:2.3:a:symantec:web_security:3.01.67:*:*:*:*:*:*:*
symantec web_security 3.01.68 - - cpe:2.3:a:symantec:web_security:3.01.68:*:*:*:*:*:*:*
symantec web_security 5.0 - - cpe:2.3:a:symantec:web_security:5.0:*:microsoft_isa_2004:*:*:*:*:*
symantec gateway_security_5000_series 3.0.1 - - cpe:2.3:h:symantec:gateway_security_5000_series:3.0.1:*:*:*:*:*:*:*
symantec gateway_security_5400 2.0.1 - - cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*
symantec mail_security_8820_appliance * - - cpe:2.3:h:symantec:mail_security_8820_appliance:*:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
26053 third-party-advisory
cve.org
访问
ADV-2007-2508 vdb-entry
cve.org
访问
36119 vdb-entry
cve.org
访问
无标题 x_refsource_MISC
cve.org
访问
无标题 x_refsource_CONFIRM
cve.org
访问
24282 vdb-entry
cve.org
访问
CVSS评分详情
9.3
CRITICAL
CVSS向量: AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS版本: 2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2007-10-05 21:00:00
修改时间:
2024-08-07 14:28:52
创建时间:
2025-11-11 15:32:45
更新时间:
2025-11-11 15:49:21
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2007-3699 2025-11-11 15:17:54 2025-11-11 07:32:45
NVD nvd_CVE-2007-3699 2025-11-11 14:52:12 2025-11-11 07:41:31
CNNVD cnnvd_CNNVD-200710-086 2025-11-11 15:08:57 2025-11-11 07:49:21
版本与语言
当前版本: v3
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v3 CNNVD
2025-11-11 15:49:21
vulnerability_type: 未提取 → 授权问题; cnnvd_id: 未提取 → CNNVD-200710-086; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 授权问题
  • cnnvd_id: 未提取 -> CNNVD-200710-086
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:41:31
severity: SeverityLevel.MEDIUM → SeverityLevel.CRITICAL; cvss_score: 未提取 → 9.3; cvss_vector: NOT_EXTRACTED → AV:N/AC:M/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 128; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.CRITICAL
  • cvss_score: 未提取 -> 9.3
  • cvss_vector: NOT_EXTRACTED -> AV:N/AC:M/Au:N/C:C/I:C/A:C
  • cvss_version: NOT_EXTRACTED -> 2.0
  • affected_products_count: 0 -> 128
  • data_sources: ['cve'] -> ['cve', 'nvd']