Symantec Product Range - Remote hacker automatic control
Version: | Various |
Technical Details: | Two ActiveX controls managed by NAVCOMUI.DLL have input validation errors that can lead to arbitrary code execution. |
Description: |
Symantec have released information about vulnerabilities with two ActiveX controls associated with Norton AntiVirus, Norton Internet Security, and Norton System Works. If an attacker is able to convince a victim to interacting with malicious websites code that targets these vulnerabilities, then it is possible for the attacker to take control of the victim's system. |
Mitigation: |
Run LiveUpdate from within affected Symantec software to obtain the appropriate updates. |
Updates: |
Run LiveUpdate in Interactive Mode from within the vulnerable products. |
Source: |
http://securityresponse.symantec.com/avcenter/security/Content/2007.08.09.html |
Exploits: |
|
External Tracking Data: | SYM07- 021 |
Social bookmark this page