System administrators are advised to deploy the associated patches as soon as possible.
Symantec Corp
system
An attacker may leverage these issues to carry out a denial-of-service attack or execute arbitrary code on an affected computer with the privileges of the user viewing a malicious image. An attacker may gain system privileges if an administrator views the malicious file. Local code execution may also facilitate a complete compromise.
system gain image compromise issues computer execution code views
Successful exploitation of this overflow condition could possibly allow a malicious attacker to create a denial of service disrupting backup systems or potentially allow execution of arbitrary code with elevated privileges on a targeted system.
system denial successful exploitation create execution code systems
Active exploitation of this issue has been, and continues to be, observed. A primitive instant messenger worm has been observed that employs this vulnerability as a propagation vector. Additionally, there are reports that exploits for this issue are getting spammed to e-mail addresses. It is believed that exploitation of this issue will continue to increase.
exploitation vulnerability active
You must log in to post a comment.
There are no comments yet.