14 DAY TRIAL // Symantec Mail Security is a suite of utilities designed to protect your inbox from all kinds of threats no matter if you're based on Microsoft Exchange, SMTP or Domino. Although the products are designed to defend your email, the Symantec Mail Security solutions are unable to reach their goal due to multiple vulnerabilities in the Autonomy KeyView module.
According to a security notification from Symantec, the affected products are Symantec Mail Security for Domino 7.5, Symantec Mail Security for Microsoft Exchange 5.0, Symantec Mail Security for SMTP 5.0.0 and 5.0.1 and Symantec Mail Security Appliance 5.0.x. However, the solutions which are avoided by the flaws are all the Symantec Mail Security for Domino versions prior to 8.5, Symantec Mail Security for Microsoft Exchange 6.x or 4.x, Symantec Mail Security for SMTP 4.1 and Symantec Mail Security Appliance 4.x.
"Multiple vulnerabilities have been discovered in the Autonomy KeyView module shipped with the Symantec Mail Security products. The KeyView module is used to perform content filtering. If exploited, these vulnerabilities could potentially lead to a product denial of service and if successfully exploited potential remote code execution and possible system compromise," Symantec wrote in the advisory.
Symantec said that several file formats are concerned by the reported flaws including Microsoft Word documents (.doc), Portable Executable (.exe), Adobe Acrobat FrameMaker (.mif) and several other extensions.
"Symantec engineers have worked with Autonomy to identify these vulnerabilities and are working to update the affected module. As fixes are made available, version information and download instructions will be added to this advisory," the advisory reads.
In addition to the Symantec report, security company Secunia also published an advisory, rating the vulnerabilities as 'highly critical'. For more information about the glitches and detailed instructions to patch them, please read the original notification published by Symantec.