Because of a bug in the Scan Engine's administrative interface, it is possible for an attacker to take over a system running the software by creating a specially crafted HTTP (Hypertext Transfer Protocol) request, Symantec said in a security advisory. The attacker would need to gain access to an exposed administrative port on the server for this attack, the report said.

Symantec is the second security vendor to report a major security bug in its products this week. Kaspersky Labs also reported a similarly critical flaw in its Antivirus Library, which is used by a wide range of the company's antivirus products.

This is cache, read story here