The white hat hacker Tavis Ormandy has discovered a critical exploitable memory overflow bug in the core Symantec Antivirus Engine. The bug is remotely exploitable and affects the way the antivirus products handle executables compressed leveraging on an early version of the Aspack compression tool. The simplest way to exploit the bug is to trick victims into opening malicious email or visiting a specifically crafted website. The issue also affects Linux, Mac and UNIX platforms resulting in a remote heap overflow as root.”]
Source: https://securityaffairs.co/wordpress/47409/hacking/symantec-antivirus-engine-bug.html

