Published:2005/05/12  Last Updated:2008/05/21

JVN#A45697B1
Virus Security memory leak vulnerability

Overview

SourceNext Virus Security has a problem in processing a specially crafted email. When the email has a virus as an attachment and Virus Security detects that virus, memory leak occurs.

Products Affected

  • 2.0.0.9 (K7SpmSrc.exe) and earlier
  • Virus Security version 7.7.1120 and earlier

Description

Impact

A remote attacker may conduct a denial of service (DoS) attack.

Solution

Vendor Status

Vendor Status Last Update Vendor Notes
SOURCENEXT CORPORATION Vulnerable 2005/05/12

References

  1. LAC SNS Advisory No.82
    SourceNext Virus Security 2005 Memory Leak

JPCERT/CC Addendum

Credit

Yuu Arai of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia JVNDB-2005-000770

Update History