CVE-2015-5689 Symantec Ghost Solution Suite and Symantec Deployment Solution Ghost Explorer Utility Out-of-Bounds Array Indexing Vulnerability (SYM15-008)

The Symantec Ghost Explorer Utility is a tool that is shipped with Symantec Ghost Solutions Suite(GSS) and Symantec Deployment Solution(DS) which allows to view, add delete launch and extract files from a Ghost Image (.gho) file. The tool is optional and is not installed by default. Affected version of the GSS and DS bundled with the Ghost Explorer Utility tool are vulnerable to out-of-bounds array indexing vulnerability.

Affected Versions :

1. Ghost Explorer Utility bundled with Symantec GSS prior to GSS 3.0 HF2 (12.0.0.8010)

2. Ghost Explorer Utility bundled with Symantec DS prior to DS 7.6 HF4 (12.0.0.7045)

Successful Exploitation of the vulnerability could lead to a denial of service or access to unauthorized data on the Symantec Ghost Explorer tool.

Update to versions Symantec GSS 3.0 HF2 (12.0.0.8010) or later and Symantec DS 7.6 HF4 (12.0.0.7045) or later. For more information,click here.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

SYM15-008: Windows