A problem with RAR compressed files in Symantec's antivirus software has been rated as a critical vulnerability. If this problem is exploited, the anti-virus software could actually let in the kinds of malware that it is designed to identify and block. RAR files are commonly used by remote hackers to deliver viruses to people's machines. As a result, most anti virus software now scans the contents of these files by default. However...
...according to Wheeler, there is a problem with a boundary error in the file Dec2Rar.dll version 3.2.14.3 used by a wide number of Symantec products. When Symantec opens the files to examine the contents there are unchecked 16bit length fields in RAR sub-block header types. During the decompression of RAR files Symantec antivirus software is vulnerable to multiple heap overflows. As a result, an attacker could be able to gain control of the system being protected.
Seemingly, this can lead to unauthorised control of data and related privileges by attackers, and affects almost the entire range of Symantec anti virus products.