CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Vulnerability Details : CVE-2007-3699

The Decomposer component in multiple Symantec products allows remote attackers to cause a denial of service (infinite loop) via a certain value in the PACK_SIZE field of a RAR archive file header.
Publish Date : 2007-10-05 Last Update Date : 2012-10-30
Search Twitter   Search YouTube   Search Google

- CVSS Scores & Vulnerability Types

CVSS Score
9.3
Confidentiality Impact Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication Not required (Authentication is not required to exploit the vulnerability.)
Gained Access None
Vulnerability Type(s) Denial Of Service
CWE ID CWE id is not defined for this vulnerability

- Products Affected By CVE-2007-3699

# Product Type Vendor Product Version Update Edition Language
1 Application Symantec Antivirus Scan Engine 4.0 Version Details Vulnerabilities
2 Application Symantec Antivirus Scan Engine 4.0 Clearswift Version Details Vulnerabilities
3 Application Symantec Antivirus Scan Engine 4.1 Version Details Vulnerabilities
4 Application Symantec Antivirus Scan Engine 4.1.8 Version Details Vulnerabilities
5 Application Symantec Antivirus Scan Engine 4.3 Version Details Vulnerabilities
6 Application Symantec Antivirus Scan Engine 4.3 Clearswift Version Details Vulnerabilities
7 Application Symantec Antivirus Scan Engine 4.3 Microsoft Sharepoint Version Details Vulnerabilities
8 Application Symantec Antivirus Scan Engine 4.3 Network Attached Storage Version Details Vulnerabilities
9 Application Symantec Antivirus Scan Engine 4.3 Caching Version Details Vulnerabilities
10 Application Symantec Antivirus Scan Engine 4.3.3 Version Details Vulnerabilities
11 Application Symantec Antivirus Scan Engine 4.3.7.27 Version Details Vulnerabilities
12 Application Symantec Antivirus Scan Engine 4.3.8.29 Version Details Vulnerabilities
13 Application Symantec Antivirus Scan Engine 4.3.12 Network Attached Storage Version Details Vulnerabilities
14 Application Symantec Antivirus Scan Engine 4.3.12 Version Details Vulnerabilities
15 Application Symantec Antivirus Scan Engine 4.3.12 Caching Version Details Vulnerabilities
16 Application Symantec Antivirus Scan Engine 4.3.12 Clearswift Version Details Vulnerabilities
17 Application Symantec Antivirus Scan Engine 4.3.12 Messaging Version Details Vulnerabilities
18 Application Symantec Antivirus Scan Engine 4.3.12 Microsoft Sharepoint Version Details Vulnerabilities
19 Application Symantec Antivirus Scan Engine 5.0 Version Details Vulnerabilities
20 Application Symantec Antivirus Scan Engine 5.0.1 Version Details Vulnerabilities
21 Application Symantec Brightmail Antispam 4.0 Version Details Vulnerabilities
22 Application Symantec Brightmail Antispam 5.5 Version Details Vulnerabilities
23 Application Symantec Brightmail Antispam 6.0 Version Details Vulnerabilities
24 Application Symantec Brightmail Antispam 6.0.1 Version Details Vulnerabilities
25 Application Symantec Brightmail Antispam 6.0.2 Version Details Vulnerabilities
26 Application Symantec Brightmail Antispam 6.0.3 Version Details Vulnerabilities
27 Application Symantec Brightmail Antispam 6.0.4 Version Details Vulnerabilities
28 Application Symantec Client Security 2.0 Build 9.0.0.338 STM Version Details Vulnerabilities
29 Application Symantec Client Security 2.0 Version Details Vulnerabilities
30 Application Symantec Client Security 2.0 Scf 7.1 Version Details Vulnerabilities
31 Application Symantec Client Security 2.0.1 Build 9.0.1.1000 MR1 Version Details Vulnerabilities
32 Application Symantec Client Security 2.0.2 Build 9.0.2.1000 MR2 Version Details Vulnerabilities
33 Application Symantec Client Security 2.0.3 Build 9.0.3.1000 MR3 Version Details Vulnerabilities
34 Application Symantec Client Security 2.0.4 Version Details Vulnerabilities
35 Application Symantec Client Security 2.0.4 Mr4 Build1000 Version Details Vulnerabilities
36 Application Symantec Client Security 2.0.5 Build 1100 Mp1 MR5 Version Details Vulnerabilities
37 Application Symantec Client Security 2.0.6 MR6 Version Details Vulnerabilities
38 Application Symantec Client Security 3.0 Version Details Vulnerabilities
39 Application Symantec Client Security 3.0.0.359 Version Details Vulnerabilities
40 Application Symantec Client Security 3.0.1.1000 Version Details Vulnerabilities
41 Application Symantec Client Security 3.0.1.1001 Version Details Vulnerabilities
42 Application Symantec Client Security 3.0.1.1007 Version Details Vulnerabilities
43 Application Symantec Client Security 3.0.1.1008 Version Details Vulnerabilities
44 Application Symantec Client Security 3.0.2.2000 Version Details Vulnerabilities
45 Application Symantec Client Security 3.0.2.2001 Version Details Vulnerabilities
46 Application Symantec Client Security 3.0.2.2002 Version Details Vulnerabilities
47 Application Symantec Client Security 3.0.2.2010 Version Details Vulnerabilities
48 Application Symantec Client Security 3.0.2.2011 Version Details Vulnerabilities
49 Application Symantec Client Security 3.0.2.2020 Version Details Vulnerabilities
50 Application Symantec Client Security 3.0.2.2021 Version Details Vulnerabilities
51 Application Symantec Client Security 3.1 Version Details Vulnerabilities
52 Application Symantec Client Security 3.1.394 Version Details Vulnerabilities
53 Application Symantec Client Security 3.1.396 Version Details Vulnerabilities
54 Application Symantec Client Security 3.1.400 Version Details Vulnerabilities
55 Application Symantec Client Security 3.1.401 Version Details Vulnerabilities
56 Hardware Symantec Gateway Security 5000 Series 3.0.1 Version Details Vulnerabilities
57 Hardware Symantec Gateway Security 5400 2.0.1 Version Details Vulnerabilities
58 Application Symantec Mail Security 4.0 Build743 Microsoft Exchange Version Details Vulnerabilities
59 Application Symantec Mail Security 4.0 Build456 Microsoft Exchange Version Details Vulnerabilities
60 Application Symantec Mail Security 4.0 Build463 Microsoft Exchange Version Details Vulnerabilities
61 Application Symantec Mail Security 4.0 Build465 Microsoft Exchange Version Details Vulnerabilities
62 Application Symantec Mail Security 4.0 Build736 Microsoft Exchange Version Details Vulnerabilities
63 Application Symantec Mail Security 4.0 Domino Version Details Vulnerabilities
64 Application Symantec Mail Security 4.0 Build741 Microsoft Exchange Version Details Vulnerabilities
65 Application Symantec Mail Security 4.0 Microsoft Exchange Version Details Vulnerabilities
66 Application Symantec Mail Security 4.0.1 Domino Version Details Vulnerabilities
67 Application Symantec Mail Security 4.1 Build458 Microsoft Exchange Version Details Vulnerabilities
68 Application Symantec Mail Security 4.1 Build459 Microsoft Exchange Version Details Vulnerabilities
69 Application Symantec Mail Security 4.1 Build461 Microsoft Exchange Version Details Vulnerabilities
70 Application Symantec Mail Security 4.5 Microsoft Exchange Version Details Vulnerabilities
71 Application Symantec Mail Security 4.5 Build 719 Exchange Version Details Vulnerabilities
72 Application Symantec Mail Security 4.5 Build 736 Exchange Version Details Vulnerabilities
73 Application Symantec Mail Security 4.5 Build 741 Exchange Version Details Vulnerabilities
74 Application Symantec Mail Security 4.5.4.743 Microsoft Exchange Version Details Vulnerabilities
75 Application Symantec Mail Security 4.6 Build 97 Exchange Version Details Vulnerabilities
76 Application Symantec Mail Security 4.6.1.107 Microsoft Exchange Version Details Vulnerabilities
77 Application Symantec Mail Security 4.6.3 Microsoft Exchange Version Details Vulnerabilities
78 Application Symantec Mail Security 5.0 Microsoft Exchange Version Details Vulnerabilities
79 Application Symantec Mail Security 5.0 Smtp Version Details Vulnerabilities
80 Application Symantec Mail Security 5.0.0.204 Microsoft Exchange Version Details Vulnerabilities
81 Application Symantec Mail Security 5.0.1 Smtp Version Details Vulnerabilities
82 Application Symantec Mail Security 5.1.0 Domino Version Details Vulnerabilities
83 Application Symantec Mail Security 6.0.0 Microsoft Exchange Version Details Vulnerabilities
84 Hardware Symantec Mail Security 8820 Appliance Version Details Vulnerabilities
85 Application Symantec Norton Antivirus Corporate Edition For Linux Version Details Vulnerabilities
86 Application Symantec Norton Antivirus 9.0 Macintosh Version Details Vulnerabilities
87 Application Symantec Norton Antivirus 9.0 Corporate Edition Version Details Vulnerabilities
88 Application Symantec Norton Antivirus 9.0.0 Macintosh Version Details Vulnerabilities
89 Application Symantec Norton Antivirus 9.0.0.338 Corporate Edition Version Details Vulnerabilities
90 Application Symantec Norton Antivirus 9.0.1 Macintosh Version Details Vulnerabilities
91 Application Symantec Norton Antivirus 9.0.1.1.1000 Corporate Edition Version Details Vulnerabilities
92 Application Symantec Norton Antivirus 9.0.2 Macintosh Version Details Vulnerabilities
93 Application Symantec Norton Antivirus 9.0.2.1000 Corporate Edition Version Details Vulnerabilities
94 Application Symantec Norton Antivirus 9.0.3 Macintosh Version Details Vulnerabilities
95 Application Symantec Norton Antivirus 9.0.3.1000 Corporate Edition Version Details Vulnerabilities
96 Application Symantec Norton Antivirus 9.0.4 Mr4 Build 1000 Corporate Edition Version Details Vulnerabilities
97 Application Symantec Norton Antivirus 9.0.4 Corporate Edition Version Details Vulnerabilities
98 Application Symantec Norton Antivirus 9.0.5 Corporate Edition Version Details Vulnerabilities
99 Application Symantec Norton Antivirus 9.0.5.1100 Corporate Edition Version Details Vulnerabilities
100 Application Symantec Norton Antivirus 9.0.6.1000 Corporate Edition Version Details Vulnerabilities
101 Application Symantec Norton Antivirus 10.0 Corporate Edition Version Details Vulnerabilities
102 Application Symantec Norton Antivirus 10.0 Macintosh Version Details Vulnerabilities
103 Application Symantec Norton Antivirus 10.0.0 Macintosh Version Details Vulnerabilities
104 Application Symantec Norton Antivirus 10.0.0.359 Corporate Edition Version Details Vulnerabilities
105 Application Symantec Norton Antivirus 10.0.1 Macintosh Version Details Vulnerabilities
106 Application Symantec Norton Antivirus 10.0.1.1000 Corporate Edition Version Details Vulnerabilities
107 Application Symantec Norton Antivirus 10.0.1.1007 Corporate Edition Version Details Vulnerabilities
108 Application Symantec Norton Antivirus 10.0.1.1008 Corporate Edition Version Details Vulnerabilities
109 Application Symantec Norton Antivirus 10.0.2.2000 Corporate Edition Version Details Vulnerabilities
110 Application Symantec Norton Antivirus 10.0.2.2001 Corporate Edition Version Details Vulnerabilities
111 Application Symantec Norton Antivirus 10.0.2.2002 Corporate Edition Version Details Vulnerabilities
112 Application Symantec Norton Antivirus 10.0.2.2010 Corporate Edition Version Details Vulnerabilities
113 Application Symantec Norton Antivirus 10.0.2.2011 Corporate Edition Version Details Vulnerabilities
114 Application Symantec Norton Antivirus 10.0.2.2020 Corporate Edition Version Details Vulnerabilities
115 Application Symantec Norton Antivirus 10.0.2.2021 Corporate Edition Version Details Vulnerabilities
116 Application Symantec Norton Antivirus 10.1 Corporate Edition Version Details Vulnerabilities
117 Application Symantec Norton Antivirus 10.1.4 Corporate Edition Version Details Vulnerabilities
118 Application Symantec Norton Antivirus 10.1.4 Mr4 Mp1 Build4010 Corporate Edition Version Details Vulnerabilities
119 Application Symantec Norton Antivirus 10.1.4.4010 Corporate Edition Version Details Vulnerabilities
120 Application Symantec Norton Antivirus 10.1.394 Corporate Edition Version Details Vulnerabilities
121 Application Symantec Norton Antivirus 10.1.396 Corporate Edition Version Details Vulnerabilities
122 Application Symantec Norton Antivirus 10.1.400 Corporate Edition Version Details Vulnerabilities
123 Application Symantec Norton Antivirus 10.1.401 Corporate Edition Version Details Vulnerabilities
124 Application Symantec Norton Antivirus 10.9.1 Macintosh Version Details Vulnerabilities
125 Application Symantec Norton Antivirus 2004 Version Details Vulnerabilities
126 Application Symantec Norton Antivirus 2004 Professional Version Details Vulnerabilities
127 Application Symantec Norton Antivirus 2005 11.0.9 Version Details Vulnerabilities
128 Application Symantec Norton Antivirus 2005 Version Details Vulnerabilities
129 Application Symantec Norton Antivirus 2005 Professional Version Details Vulnerabilities
130 Application Symantec Norton Antivirus 2005 11.0 Version Details Vulnerabilities
131 Application Symantec Norton Antivirus 2006 Version Details Vulnerabilities
132 Application Symantec Norton Internet Security 3.0 Macintosh Version Details Vulnerabilities
133 Application Symantec Norton Internet Security 2004 Version Details Vulnerabilities
134 Application Symantec Norton Internet Security 2004 Professional Version Details Vulnerabilities
135 Application Symantec Norton Internet Security 2005 11.0 Version Details Vulnerabilities
136 Application Symantec Norton Internet Security 2005 11.0.9 Version Details Vulnerabilities
137 Application Symantec Norton Internet Security 2005 11.5.6.14 Version Details Vulnerabilities
138 Application Symantec Norton Internet Security 2005 Version Details Vulnerabilities
139 Application Symantec Norton Internet Security 2005 Professional Version Details Vulnerabilities
140 Application Symantec Norton Internet Security 2006 Version Details Vulnerabilities
141 Application Symantec Norton Internet Security 2006 Professional Version Details Vulnerabilities
142 Application Symantec Norton Personal Firewall 2006 Version Details Vulnerabilities
143 Application Symantec Norton Personal Firewall 2006 9.1.0.33 Version Details Vulnerabilities
144 Application Symantec Norton Personal Firewall 2006 9.1.1.7 Version Details Vulnerabilities
145 Application Symantec Norton System Works 3.0 Macintosh Version Details Vulnerabilities
146 Application Symantec Norton System Works 2004 Version Details Vulnerabilities
147 Application Symantec Norton System Works 2005 Premier Version Details Vulnerabilities
148 Application Symantec Norton System Works 2005 11.0 Version Details Vulnerabilities
149 Application Symantec Norton System Works 2005 11.0.9 Version Details Vulnerabilities
150 Application Symantec Norton System Works 2005 Version Details Vulnerabilities
151 Application Symantec Norton System Works 2006 Version Details Vulnerabilities
152 Application Symantec Symantec Antivirus Filtering +for Domino 3.0.12 Version Details Vulnerabilities
153 Application Symantec Web Security 2.5 Version Details Vulnerabilities
154 Application Symantec Web Security 3.0 Version Details Vulnerabilities
155 Application Symantec Web Security 3.0.1 Version Details Vulnerabilities
156 Application Symantec Web Security 3.0.1 Build 3.01.70 Version Details Vulnerabilities
157 Application Symantec Web Security 3.0.1 Build 3.01.72 Version Details Vulnerabilities
158 Application Symantec Web Security 3.0.1 Build 3.01.74 Version Details Vulnerabilities
159 Application Symantec Web Security 3.0.1.70 Version Details Vulnerabilities
160 Application Symantec Web Security 3.0.1.76 Version Details Vulnerabilities
161 Application Symantec Web Security 3.01.59 Version Details Vulnerabilities
162 Application Symantec Web Security 3.01.60 Version Details Vulnerabilities
163 Application Symantec Web Security 3.01.61 Version Details Vulnerabilities
164 Application Symantec Web Security 3.01.62 Version Details Vulnerabilities
165 Application Symantec Web Security 3.01.63 Version Details Vulnerabilities
166 Application Symantec Web Security 3.01.67 Version Details Vulnerabilities
167 Application Symantec Web Security 3.01.68 Version Details Vulnerabilities
168 Application Symantec Web Security 5.0 Microsoft Isa 2004 Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
Symantec Antivirus Scan Engine 20
Symantec Brightmail Antispam 7
Symantec Client Security 28
Symantec Gateway Security 5000 Series 1
Symantec Gateway Security 5400 1
Symantec Mail Security 26
Symantec Mail Security 8820 Appliance 1
Symantec Norton Antivirus 47
Symantec Norton Internet Security 10
Symantec Norton Personal Firewall 3
Symantec Norton System Works 7
Symantec Symantec Antivirus Filtering +for Domino 1
Symantec Web Security 16

- References For CVE-2007-3699

http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11f.html CONFIRM
http://osvdb.org/36119
OSVDB 36119
http://secunia.com/advisories/26053
SECUNIA 26053
http://www.securityfocus.com/bid/24282
BID 24282 Symantec AntiVirus Malformed CAB and RAR Compression Remote Vulnerabilities Release Date:2007-07-13
http://www.vupen.com/english/advisories/2007/2508
VUPEN ADV-2007-2508
http://www.zerodayinitiative.com/advisories/ZDI-07-039.html

- Metasploit Modules Related To CVE-2007-3699

There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information)


CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.