Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=529
Vulnerable Systems:
* Norton Internet Security 2006 (NavOpts.dll version 12.2.0.13)
Norton Internet Security 2006 installs the following ActiveX control which is registered as safe for scripting:
Progid: Symantec.Norton.AntiVirus.NAVOptions
Clsid: 085ABFE2-D753-445C-8A2A-D4BD46CE0811
File: C:\Program Files\Norton Internet Security\Norton AntiVirus\NAVOpts.dll
Version: 12.2.0.13
This control was designed for use in an application-embedded web browser rather than a native Internet Explorer window. When the control is loaded in a standard browser window, it throws an error during initialization that leaves the browser in a defunct state. After the error dialog is displayed, other Symantec ActiveX controls can be created without error even if they are not marked as safe for scripting. This can lead to remote code execution if those unsafe controls contain exploitable methods.
Analysis:
Exploitation allows malicious websites to load certain Symantec ActiveX Controls which were not designed or secured for web use.
This condition can lead to the execution of arbitrary code in situations where unsafe controls contain exploitable vulnerabilities.
Workaround:
Setting the kill-bit for the ActiveX control will prevent this component from loading in Internet Explorer. Although this will prevent potential exploitation, it may also negatively impact the functionality of the application.
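The following script is an added example, not part of the iDefense advisory, showing how an administrator can check the control's registration and safe-for-scripting markings and then set the kill-bit for the CLSID named above. It assumes an elevated Windows PowerShell session; the "ActiveX Compatibility" key, the 0x400 flag and the two component-category CATIDs are the standard Windows locations for this setting.

```powershell
# Added example (not from the advisory): inspect and kill-bit the NAVOptions control.
# Assumes an elevated session. The CLSID is the one given in the advisory.
$Clsid     = '{085ABFE2-D753-445C-8A2A-D4BD46CE0811}'
$CompatKey = "HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\$Clsid"
$KillBit   = 0x400   # "Compatibility Flags" bit that stops IE from instantiating the control

# Well-known component categories IE consults before scripting/initialising a control
$SafeCategories = @{
    'SafeForScripting'    = '{7DD95801-9882-11CF-9FA9-00AA006C42C4}'
    'SafeForInitializing' = '{7DD95802-9882-11CF-9FA9-00AA006C42C4}'
}

function Get-ControlStatus {
    # Reports whether the control is registered, which DLL serves it,
    # which "safe" categories it claims, and whether the kill-bit is already set.
    $clsidKey = "Registry::HKEY_CLASSES_ROOT\CLSID\$Clsid"
    $status = [ordered]@{ Registered = (Test-Path $clsidKey); ServerDll = $null; KillBitSet = $false }
    if ($status.Registered) {
        $status.ServerDll = (Get-ItemProperty "$clsidKey\InprocServer32" -ErrorAction SilentlyContinue).'(default)'
        foreach ($name in $SafeCategories.Keys) {
            $status[$name] = Test-Path "$clsidKey\Implemented Categories\$($SafeCategories[$name])"
        }
    }
    if (Test-Path $CompatKey) {
        $flags = (Get-ItemProperty $CompatKey -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
        $status.KillBitSet = ($null -ne $flags) -and (($flags -band $KillBit) -ne 0)
    }
    [pscustomobject]$status
}

function Set-KillBit {
    # Creates the compatibility key if needed and ORs the kill-bit into any existing flags
    # so other compatibility settings for the control are preserved.
    if (-not (Test-Path $CompatKey)) { New-Item -Path $CompatKey -Force | Out-Null }
    $existing = (Get-ItemProperty $CompatKey -Name 'Compatibility Flags' -ErrorAction SilentlyContinue).'Compatibility Flags'
    $newFlags = [int]$existing -bor $KillBit   # [int]$null evaluates to 0
    Set-ItemProperty -Path $CompatKey -Name 'Compatibility Flags' -Value $newFlags -Type DWord
}

Get-ControlStatus    # before
Set-KillBit
Get-ControlStatus    # after: KillBitSet should now be True
```

As the advisory notes, the kill-bit blocks the control in Internet Explorer only, so verify the Norton application's own embedded browser still functions after applying it.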
Vendor response:
Symantec has addressed this vulnerability with a software update. The update is available via their LiveUpdate channels. For more information, consult their advisory at the following URL: http://www.symantec.com/avcenter/security/Content/2007.05.09.html
CVE Information:
CVE-2006-3456
Disclosure timeline:
12/13/2006 - Initial vendor notification
12/13/2006 - Initial vendor response
05/09/2007 - Coordinated public disclosure