Hotfix for Symantec Enterprise Vault (EV) 8 SP5, Build 1048, Implement 8.3.2 converters patch for security fixes

Article:TECH167763  |  Created: 2011-08-23  |  Updated: 2014-12-04  |  Article URL http://www.symantec.com/docs/TECH167763
Article Type
Technical Solution


Issue



This hotfix can only be applied to the following versions of Enterprise Vault for:

Enterprise Vault for Microsoft Exchange 8 SP5, Build 1048
Enterprise Vault for File System Archiving 8 SP5, Build 1048
Enterprise Vault for Lotus Domino 8 SP5, Build 1048
Enterprise Vault for Microsoft SharePoint 8 SP5, Build 1048
Enterprise Vault for SMTP 8 SP5, Build 1048
Enterprise Vault API 8 SP5, Build 1048


Solution



What issue(s) does this hotfix resolve?
An issue has been found in the Oracle Outside In Technology (OIT) libraries which Enterprise Vault uses to convert data for storage in the archive. It has been found that if an email contains an affected attachment and passes through the Oracle converters, it could execute arbitrary code. This was related to the conversion of specific file types, the vulnerabilities of which are resolved in the 8.3.2 version of the OIT converters.

 


Which files does this hotfix replace? 

File Name File Version
EVConverterSandbox.exe 8.0.5.1076
All files in the "Converters" subfolder 8.3.2


How to Install this hotfix:

1. Stop all Enterprise Vault services.
2. Once all services are stopped, take a backup copy of EVConverterSandbox.exe, locatable in the Enterprise Vault installation folder (which by default is C:\Program Files\Enterprise Vault, or "C:\Program Files (x86)\Enterprise Vault" on a 64-bit machine).
3. Make a backup copy of the <Enterprise Vault installation folder>\Converters folder.
4. Copy the updated file EVConverterSandbox.exe, packaged in this hotfix, to the Enterprise Vault installation folder, replacing the original.
5. Copy all files from the \Files\Converters folder as packaged in this hotfix, to <Enterprise Vault installation folder>\Converters, replacing the originals.
6. Start all Enterprise Vault services.

NOTE: Some files are not being replaced. Others are new to the OIT 8.3.2 release and are introduced in this hotfix.


How to Uninstall this hotfix:

1. Stop all Enterprise Vault services.
2. Once all services are stopped, take the backed up copy of EVConverterSandbox.exe and replace the hotfixed EVConverterSandbox.exe, locatable in the Enterprise Vault installation folder (which by default is C:\Program Files\Enterprise Vault, or "C:\Program Files (x86)\Enterprise Vault" on a 64-bit machine).
3. Delete or rename the Converters folder in the Enterprise Vault installation folder.
4. Copy the backed up Converters folder into the Enterprise Vault installation folder.
5. Start all Enterprise Vault services.


Supplemental Materials

SourceETrack
Value2495938
Description

Implement 8.3.2 converters patch for security fixes



Article URL http://www.symantec.com/docs/TECH167763


Terms of use for this information are found in Legal Notices