Security Alert

Security Alert, September 21, 2005
Unchecked Buffers in VERITAS Storage Exec
Buffer overflow vulnerabilities were discovered in multiple DCOM server components that are part of VERITAS Storage Exec and StorageCentral. The components could be exploited through calls to associated ActiveX controls if a user launched malicious HTML code.
Such code could arrive via email or be stored in a file or on a Web server. A successful exploit might lead to a system crash or allow access to the local system. Symantec released hotfixes for Storage Exec and StorageCentral to correct the problems.