BetaNews | Critical Flaw Affects Symantec AntiVirus

BetaNews | Critical Flaw Affects Symantec AntiVirus: "A flaw within Symantec AntiVirus could open users' computers to the execution of arbitrary code when a specially crafted RAR file is scanned, independent security researcher Alex Wheeler said in an advisory on his Web site Tuesday.
Wheeler's work centers on looking for remote stack, heap and buffer overflows, mainly in antivirus products. In the case of this particular flaw, the problem is a result of unchecked 16bit length fields in RAR sub-block header types.
The flaw allows an attacker to assume complete control of the affected computer, without any user interaction in the default configuration of the antivirus software. Wheeler said that a hacker could exploit the vulnerability through common Internet protocols like SMTP."