[原文]Norton Anti-Virus (NAV) allows remote attackers to bypass content filtering via attachments whose Content-Type and Content-Disposition headers are mixed upper and lower case, which is ignored by some mail clients.
Symantec Norton Anti-Virus Email Header Case Scan Bypass
Remote / Network Access
Loss of Integrity
Symantec Norton AntiVirus contains a flaw that may allow a remote attacker to bypass antivirus policies. The issue is triggered when changing the "Content-Type:" and "Content-Disposition:" headers to a mix of upper and lower case letters, which would remain undetected by the incoming email protection feature. It is possible that the flaw may allow a remote attacker to execute arbitrary code, resulting in a loss of integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability.