A series of errors in Scan Engine were detected
Symantec has just warned users about a number of security holes in the Scan Engine product. However, the security firm only ranks these security errors as medium.
Scan Engine is a programming interface that allows third parties to integrate Symantec's malware removal technology into their applications.
As recommended by Symantec, the first security error lies in the issue of web login authentication. ' Anyone with knowledge of the communication mechanism can gain control of Scan Engine server '.
Another security error in opening an application could lead to a man-in-the-middle 'attack - a form of information theft. Accordingly, an attacker may take away the DSA keys used in secure SSL communication.
Remote users can also download any file to the program's installation directory via a third security error. This is an error using malicious HTTP requests to steal information.
Security firm stressed that these security flaws only affect Scan Engine, not any other application.
Users are advised to upgrade to Symantec Scan Engine 5.1 to fix these security errors.
Up to now, there has not been any attack by exploiting the above security errors. However, there are exploit codes that are likely to be distributed on the network.
HVD - ( Betanews )
- A series of Cisco products have serious errors
- A series of errors in DNS software were detected
- Cisco patches the wireless LAN controller
- The world's smallest W32 engine - mechanical
- Why is it difficult to detect spelling errors?
- A SpaceX rocket engine exploded during testing
- A series of IE errors are fixed
- The smallest engine in the world is a million times smaller than an ant
- The EM Drive engine test, which can lead humans to other galaxies
- Five basic errors in the privacy policy
- Microsoft announced plans to launch a series of new products
- Instructions for using a computer to perform print and scan tasks