India Broadband

Security application developers Symantec have released several patches for their enterprise-facing BrightMail AntiSpam product.

These patches fix several reported security vulnerabilities in this application. The company had warned in an advisory that the bugs could lead to data manipulation, denial-of-service attacks or the exposure of sensitive information.

The affected products include Symantec BrightMail AntiSpam 4.x through 6.x and they are recommending the customers to update to the latest versions.

The company added that the problem occurs because the anti-spam software fails to fully sanitize file names passed to the DATABLOB-GET / DATABLOB-SAVE requests of directory traversal sequences.