CVE-2007-2955

Currently unrated

Key Information:

Vendor
Symantec
Status
Norton System Works
Norton Internet Security
Norton Antivirus
Vendor
CVE Published:
9 August 2007

Summary

Multiple unspecified "input validation error" vulnerabilities in multiple ActiveX controls in NavComUI.dll, as used in multiple Norton AntiVirus, Internet Security, and System Works products for 2006, allows remote attackers to execute arbitrary code via (1) the AnomalyList property to AxSysListView32 and (2) Anomaly property to AxSysListView32OAA.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/35944
vdb-entryx_refsource_XF
http://www.symantec.com/avcenter/security/Content/2007.08...
x_refsource_CONFIRM
http://www.securitytracker.com/id?1018547
vdb-entryx_refsource_SECTRACK

EPSS Score

90% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.