Symantec Norton NavComUI ActiveX control vulnerability
Added: 09/20/2007CVE: CVE-2007-2955
BID: 24983
OSVDB: 36477
Background
The Symantec Norton product suite includes antivirus, firewall, and other security functions.Problem
Vulnerabilities in the AxSysListView32 and AxSysListView32OAA ActiveX controls, implemented by the NavComUI.dll library within Norton products, allows command execution when handling specially crafted "AnomalyList" and "Anomaly" properties.Resolution
A fix is available through the LiveUpdate feature within Norton products.References
http://secunia.com/secunia_research/2007-53/advisory/Limitations
Exploit works on Symantec Norton Internet Security 2006.Platforms
Windows XPBack to exploit index