Site Network: Beskerming.com | Skiifwrald.com | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

Norton Personal Firewall - Remote hacker automatic control

Version: 2004
Technical Details:

Buffer overflow in the ISLALERT.DLL ActiveX control associated with Personal Firewall / Internet Security 2004. The error occurs in the Get() and Set() functions used by ISAlertDataCOM. Arbitrary code execution can result, at the level of the current user.

Description:

It has been discovered that there is a serious vulnerability affecting the 2004 versions of Norton Personal Firewall and Internet Security. This particular vulnerability could allow a remote attacker to take over a vulnerable system and run code of their choice, as if they were the local user.

Mitigation:

Select and run LiveUpdate from within Norton Personal Firewall 2004, or follow the link listed for Product Updates

Updates:

http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2007010219171513

Source:

http://securityresponse.symantec.com/avcenter/security/Content/2007.05.16.html

Exploits:

External Tracking Data:

CVE-ID: CVE-2007-1689


Social bookmark this page