There are currently a number of “highly critical” unpatched security flaws in Symantec Mail Security for Microsoft Exchange versions 4.x, 5.x, and 6.x, according to Secunia.
In an advisory published on Monday, Secunia warned that companies could suffer remote systems access and denial of service due to unpatched parsing vulnerabilities in Symantec Mail Security for Microsoft Exchange, caused by third-party file viewers.
“Multiple vulnerabilities have been discovered in Symantec Mail Security for Exchange, which can be exploited by malicious people to cause a DoS (denial of service) and compromise a vulnerable system,” the advisory, SA27429, stated. “The vulnerabilities are caused due to various errors within certain third-party file viewers and can be exploited to cause buffer overflows when a specially crafted file is checked.”
Symantec, SMS, Exchange Server, Email, Vulnerability, Flaw, Microsoft