Insecure Methods in Symantec Norton Ghost 14 ActiveX Control
CVE-2009-1517
Currently unrated
What is CVE-2009-1517?
The Symantec Norton Ghost 14 application contains multiple vulnerabilities in the EasySetup ActiveX control (EasySetupInt.dll 14.0.4.30167). These flaws allow remote attackers to exploit insecure methods, resulting in potential denial of service conditions through browser crashes. Attackers could also leverage certain inputs to methods such as GetBackupLocationPath, CallUninstall, SetupDeleteVolume, CanUseEasySetup, CallAddInitialProtection, and CallTour to execute arbitrary code. This vulnerability places users at risk, necessitating prompt action for remediation.