Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."More details over here.
"This is definitely wormable. Once exploited, you get a command shell that gives you complete access to the machine. You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.
"We have confirmed that an attacker can execute code without the user clicking or opening anything," Puterbaugh said.
Symantec anti-virus flaw puts millions at risk
Posted on Friday, May 26 2006 @ 21:27 CEST by Thomas De Maesschalck
A security flaw in the latest versions of Symantec's anti-virus solution could put millions of users at risk: