|
|
|
|
| |
Credit:
The original article can be found at: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0364
The original article can be found at: http://www.securityfocus.com/bid/9915
|
| |
Vulnerable Systems:
* Symantec Norton Personal Firewall 2004
* Symantec Norton Personal Firewall 2003
* Symantec Norton Internet Security 2004 Professional Edition
* Symantec Norton Internet Security 2004
* Symantec Norton Internet Security 2003 Professional Edition
* Symantec Norton Internet Security 2003
* Symantec Norton Internet Security 2002 Professional Edition 0
* Symantec Norton Internet Security 2002 0
* Symantec Client Security 1.0
* Symantec Client Firewall 5.1.1
* Symantec Client Firewall 5.0 1
Symantec firewall products such as Norton Internet Security, Norton Personal Firewall, Client Firewall and Client Security are prone to a vulnerability that may potentially allow for remote command execution.
This vulnerability is exposed via the WrapNISUM Class ActiveX component. This component may potentially be invoked to launch a resource via a UNC path from malicious web page or HTML e-mail. This resource would likely be a malicious attacker-supplied executable.
Vendor Status:
Symantec as issued an update for this vulnerablity
Patch Availability:
http://securityresponse.symantec.com/avcenter/security/Content/2004.03.19.html
CVE Information:
CVE-2004-0364
|
|
|
|
|
