Buffer Overflow in Symantec N360 and Norton Products
CVE-2010-0107

Currently unrated

Key Information:

Vendor: Symantec
Status: Client Security; Norton Internet Security; Norton 360; Norton Antivirus
Vendor: CVE Published:; 23 February 2010

Summary

A buffer overflow vulnerability exists in the ActiveX control (SYMLTCOM.dll) used by various Symantec and Norton products. This flaw may allow a remote attacker to induce a denial of service by crashing the affected application and possibly execute arbitrary code if the attacker can impersonate an authorized site.

References

http://osvdb.org/62412

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/archive/1/509717/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securitytracker.com/id?1023630

vdb-entryx_refsource_SECTRACK

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Feb 23, 2010
Vulnerability Reserved
Dec 31, 2009