Patch/Configuration Management, Vulnerability Management

Symantec patches remotely exploitable flaw in Norton products

Symantec on Wednesday patched a vulnerability in Norton Personal Firewall 2004 and Norton Internet Security 2004 that can be exploited for remote code execution.

The Cupertino, Calif.-based anti-virus giant advised users to employ LiveUpdate to patch the buffer overflow vulnerability in an ActiveX control used by the two programs.

CERT had notified Symantec of the vulnerability [WHEN], which occurs in the Get() and Set() functions used by ISAlertDataCOM, a function of ISALERT.DLL.

Symantec and US-CERT warned today that for successful exploitation, an attacker must dupe the victim into visiting a malicious website and clicking on a malicious document.

Symantec, in an advisory released on Wednesday, ranked the flaw’s risk impact as "medium." A Symantec spokesman today referred questions to the advisory.

Secunia reported in an advisory released today that researcher Will Dorman of CERT/CC discovered the flaw, which can be exploited to cause a stack-based buffer overflow via an overly long argument.

Secunia ranked the flaw as "highly critical," meaning it can be exploited from a remote location.

FrSIRT yesterday rated the vulnerability as "critical."

 

Get more IT security news. Click here for SC Magazine Blogs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds