Submission + - Mail Security: File Parsing Vulnerabilities (hyperphp.com)
devkhadka writes: "Multiple vulnerabilities have been discovered in Symantec Mail Security for Exchange, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.The vulnerabilities are caused due to various errors within certain third-party file viewers and can be exploited to cause buffer overflows when a specially crafted file is checked. Successful exploitation allows execution of arbitrary code. And are exploited to cause buffer overflows by tricking a user into viewing a specially crafted file.
The following file viewers are affected:
* mifsr.dll
* awsr.dll
* kpagrdr.dll
* exesr.dll
* rtfsr.dll
* mwsr.dll
* exesr.dll
* wp6sr.dll
* lasr.dll"