Supportsoft ActiveX used in Symantec's products buffer overflow
Published:		25.02.2007
Source:		BUGTRAQ
SecurityVulns ID:		7302
Type:		client
Level:		6/10
Description:		Stack overrun (stack buffer overflow).

Affected:		SYMANTEC : Norton Internet Security 2006
		SYMANTEC : Norton AntiVirus 2006
		SYMANTEC : Norton SystemWorks 2006
CVE:		CVE-2006-6490 (Multiple buffer overflows in the SupportSoft (1) SmartIssue (tgctlsi.dll) and (2) ScriptRunner (tgctlsr.dll) ActiveX controls, as used by Symantec Automated Support Assistant and Norton AntiVirus, Internet Security, and System Works 2006, allows remote attackers to execute arbitrary code via a crafted HTML message.)

Original document

SYMANTEC, bugtraq@securityfocus.com (25.02.2007)

Discuss:

Read or add your comments to this news (0 comments)