Buffer Overflow in Symantec Sygate Personal Firewall ActiveX Control
CVE-2010-2305

Currently unrated

Key Information:

Vendor: Symantec
Status: Sygate Personal Firewall
Vendor: CVE Published:; 16 June 2010

Summary

A buffer overflow vulnerability exists in the ActiveX control within SSHelper.dll for Symantec Sygate Personal Firewall 5.6 build 2808. This flaw allows remote attackers to exploit the issue by sending a crafted request to the SetRegString method, which can potentially lead to arbitrary code execution. As a result, attackers could gain unauthorized access to affected systems, making it imperative for users to apply necessary patches and updates promptly to mitigate the risk.

References

http://www.exploit-db.com/exploits/13834

exploitx_refsource_EXPLOIT-DB

http://osvdb.org/65539

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/59408

vdb-entryx_refsource_XF

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 16, 2010
Vulnerability Reserved
Jun 16, 2010