Added: 09/20/2007
CVE: CVE-2007-2955
BID: 24983
OSVDB: 36477
The Symantec Norton product suite includes antivirus, firewall, and other security functions.
Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library within Norton products, allows command execution when handling specially crafted βAnomalyListβ and βAnomalyβ properties.
A fix is available through the LiveUpdate feature within Norton products.
<http://secunia.com/secunia_research/2007-53/advisory/>
Exploit works on Symantec Norton Internet Security 2006.
Windows XP