Remote Code Execution Vulnerability in Symantec Norton AntiVirus 2011
CVE-2010-3497

Currently unrated

Key Information:

Vendor: Symantec
Status: Norton Antivirus
Vendor: CVE Published:; 22 August 2012

Summary

Symantec Norton AntiVirus 2011 exhibits a flaw in how it processes hcp:// URLs through the Microsoft Help and Support Center. This vulnerability allows remote attackers to execute arbitrary code by sending specially crafted traffic that the antivirus software detects too late to prevent execution. The nature of the flaw highlights the importance of layered security approaches, as this issue is attributed to gaps in interaction between the antivirus software and system processes.

References

http://www.securityfocus.com/archive/1/514356

mailing-listx_refsource_BUGTRAQ

http://www.n00bz.net/antivirus-cve

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 22, 2012