ActiveX Control Vulnerability in Norton Utilities for Windows 95
CVE-1999-1380

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Utilities
Vendor: CVE Published:; 4 May 1997

What is CVE-1999-1380?

The TUNEOCX.OCX ActiveX control in Symantec's Norton Utilities 2.0 for Windows 95 is incorrectly marked as safe for scripting. This misconfiguration allows remote attackers to exploit vulnerabilities via malicious web pages viewed in browsers like Internet Explorer 3.0. When users access such pages, they may unintentionally execute arbitrary commands, leading to potentially severe security breaches.

References

http://mlarchive.ima.com/win95/1997/May/0342.html

x_refsource_MISC

http://www.iss.net/security_center/static/7188.php

vdb-entryx_refsource_XF

http://news.zdnet.co.uk/story/0%2C%2Cs2065518%2C00.html

x_refsource_MISC

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Aug 31, 2001
Vulnerability published
May 4, 1997