Norton AntiSpam 2004 SymSpamHelper ActiveX control buffer overflow

Added: 12/24/2008
CVE: CVE-2004-0363
BID: 9916
OSVDB: 6249

Background

Norton AntiSpam 2004, which is included in Norton Internet Security 2004, is spam filtering software.

Problem

A buffer overflow vulnerability in the SymSpamHelper ActiveX control (symspam.dll) allows command execution when a user loads a web page which calls the LaunchCustomRuleWizard method with a long, specially crafted parameter.

Resolution

Use LiveUpdate to download and install all available product updates.

References

http://www.kb.cert.org/vuls/id/344718
http://www.symantec.com/avcenter/security/Content/2004.03.19.html
http://www.ngssoftware.com/advisories/antispam.txt

Limitations

Exploit works on Norton Internet Security 2004.

Platforms

Windows XP
