14 DAY TRIAL // The Cupertino-based security company admitted the existence of security bugs in two of its enterprise products and released patches to fix the issue.
The vulnerability in Antivirus Corporate Edition and Client Security was discovered by the same company that released a temporary workaround for a critical Internet Explorer bug.
eEye Digital Security rated the bug as having a high level of danger, attackers being able to execute malicious codes with SYSTEM level access, without any user interaction.
A stack overflow in Symantec Client Security and Symantec AntiVirus Corporate Edition could potentially allow a remote or local attacker to execute code on the affected machine, admitted the company on its site.
Symantec says that only versions 8.0, 8.1, all the 9.0 builds of the AntiVirus Corporate Edition and versions 1.0, 1.1, and all the 2.0 builds of Client Security are vulnerable and that none of the Norton products are affected.
The company's site adds that, up until now, there haven't been any reports of successful exploits.
The vulnerable products can be updated at this address.