Additional Details on SAV 10 Vulnerability released by EEye

eEye has released additional details on the SAV 10 vulnerability.
As rumored the vulnerability is in the remote management, and would allow an attacker to run code with system priviledges.

eEye Digital Security has discovered a vulnerability in the remote management interface for Symantec AntiVirus 10.x and Symantec Client Security 3.x, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The management interface is typically enabled in enterprise settings and listens on TCP port 2967 by default, for both server and client systems.