...according to Wheeler, there is a problem with a boundary error in the file Dec2Rar.dll version 220.127.116.11 used by a wide number of Symantec products. When Symantec opens the files to examine the contents there are unchecked 16bit length fields in RAR sub-block header types. During the decompression of RAR files Symantec antivirus software is vulnerable to multiple heap overflows. As a result, an attacker could be able to gain control of the system being protected.
Seemingly, this can lead to unauthorised control of data and related privileges by attackers, and affects almost the entire range of Symantec anti virus products.