Vulnerability Note VU#527228
Symantec ActiveX control vulnerable to buffer overflow
There is a buffer overflow in a component of Symantec's web-based Security Check.
Symantec describes Security Check as "a free web-based tool that enables users to test their computer's exposure to a wide range of on-line threats. As part of running the check, users may install an ActiveX Control, which remains on the user's system even after the check has completed." A buffer overflow has been discovered in the ActiveX control that is distributed from Symantec's web-based Security Check web site. For further technical details, please see the following documents:
Any user that visited Symantec's Security Check web site before June 25, 2003, when Symantec replaced the vulnerable ActiveX control, is likely to have the vulnerable control on their system. The only way to get rid of the control is to either visit Symantec's Security Check web site and run another Security Scan, or manually remove the vulnerable control. Users not following, or unaware of, either of these courses of action may be subject to an attacker installing and/or invoking a vulnerable version of the control on their system.
Symantec has replaced the vulnerable ActiveX control on their web site, and they recommend the following:
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Symantec Corporation||Affected||-||15 Jul 2003|
CVSS Metrics (Learn More)
This vulnerability was discovered by Cesar Cerrudo.
This document was written by Ian A Finlay.
- CVE IDs: CAN-2003-0470
- Date Public: 23 Jun 2003
- Date First Published: 21 Jul 2003
- Date Last Updated: 30 Sep 2003
- Severity Metric: 3.60
- Document Revision: 39
If you have feedback, comments, or additional information about this vulnerability, please send us email.