Insecure Methods in Symantec Norton Ghost 14 ActiveX Control
CVE-2009-1517

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Ghost
Vendor: CVE Published:; 4 May 2009

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2009-1517?

The Symantec Norton Ghost 14 application contains multiple vulnerabilities in the EasySetup ActiveX control (EasySetupInt.dll 14.0.4.30167). These flaws allow remote attackers to exploit insecure methods, resulting in potential denial of service conditions through browser crashes. Attackers could also leverage certain inputs to methods such as GetBackupLocationPath, CallUninstall, SetupDeleteVolume, CanUseEasySetup, CallAddInitialProtection, and CallTour to execute arbitrary code. This vulnerability places users at risk, necessitating prompt action for remediation.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2009-1517 - Proof of Concept

References

http://www.securitytracker.com/id?1022120

vdb-entryx_refsource_SECTRACK

http://www.shinnai.net/xplits/TXT_Gl6RHStS23c9DANArcJE.html

x_refsource_MISC

https://www.exploit-db.com/exploits/8523

exploitx_refsource_EXPLOIT-DB

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 4, 2009
👾
Exploit known to exist
May 4, 2009
Vulnerability published
May 4, 2009
Vulnerability Reserved
May 4, 2009

CVE-2009-1517 Data

JSON