There is a vulnerability in an ActiveX control provided by Norton AntiVirus 2004 that could allow an attacker to execute arbitrary programs, launch a browser window containing an unauthorized URL, or cause a denial of service on a vulnerable system.
Norton AntiVirus 2004 is an application that provides the ability to scan email messages, files, and other content to detect viruses, worms, and other malicious code. There is a vulnerability in the way an ActiveX control provided by Norton AntiVirus 2004 processes external input. In order to exploit this vulnerability, an attacker would need to convince a victim to view malicious HTML (a web page, for example).
A remote, unauthenticated attacker could cause a denial of service, launch a browser window containing an unauthorized URL, or execute programs that reside on the victim's system with the privileges of the vulnerable process. According to Symantec Security Advisory SYM04-009, an attacker would need to know the location of the executable on the victim's system in order to launch the program.
Symantec has provided an update to address this issue. Symantec recommends that clients running Norton AntiVirus 2004 use the LiveUpdate feature to apply this update. According to Symantec, this can be done as follows:
This vulnerability was reported by Yuu Arai of the Little eArth Corporation (LAC).
This document was written by Damon Morda.
Date First Published: 2004-05-21
Date Last Updated: 2004-05-21 17:30 UTC