CVE-2007-1689
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.5%
Buffer overflow in the ISAlertDataCOM ActiveX control in ISLALERT.DLL for Norton Personal Firewall 2004 and Internet Security 2004 allows remote attackers to execute arbitrary code via long arguments to the (1) Get and (2) Set functions.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | norton_internet_security | 2004 | cpe:2.3:a:symantec:norton_internet_security:2004:*:*:*:*:*:*:* |
| symantec | norton_personal_firewall | 2004 | cpe:2.3:a:symantec:norton_personal_firewall:2004:*:*:*:*:*:*:* |
References
osvdb.org/36164
secunia.com/advisories/25290
www.kb.cert.org/vuls/id/983953
www.securityfocus.com/archive/1/468779/100/0/threaded
www.securityfocus.com/bid/23936
www.securitytracker.com/id?1018073
www.symantec.com/avcenter/security/Content/2007.05.16.html
www.vupen.com/english/advisories/2007/1843
exchange.xforce.ibmcloud.com/vulnerabilities/34328
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.5%