Overview
Symantec Norton AntiVirus may hang or crash when the Auto-Protect module SmartScan feature scans a renamed file on a network share.
Description
Symantec Norton AntiVirus is an anti-virus product for desktop and enterprise use. The Norton AntiVirus "Auto-Protect" module provides automatic file scanning and detection of viruses, Trojans, and worms. The Auto-Protect module includes a feature called "SmartScan" which, as an alternative to scanning all file types, only scans specifically targeted file types and extensions. A flaw in the SmartScan feature is triggered when a file residing on a network share is renamed that may cause excessive CPU consumption and an eventual system hang or crash as a result. |
Impact
A local authenticated user may be able to cause the system to crash or hang by renaming a file residing on a network share. |
Solution
Apply an update Symantec has released fixes for this problem that are available through the LiveUpdate functionality of the products. Symantec advisory SYM05-006 provides details on obtaining updates through LiveUpdate or other channels. |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
Thanks to Isamu Noguchi, JPCERT, and IPA for reporting this vulnerability.
This document was written by Ken MacInnis.
Other Information
| CVE IDs: | CVE-2005-0923 |
| Severity Metric: | 4.05 |
| Date Public: | 2005-03-28 |
| Date First Published: | 2005-03-30 |
| Date Last Updated: | 2005-03-30 20:18 UTC |
| Document Revision: | 5 |