http://www.frsirt.com:80/english/advisories/2007/2822 A vulnerability has been identified in varioius Symantec products, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error in the "AxSysListView32" and "AxSysListView32OAA" (NavComUI.dll) ActiveX controls when processing malformed "AnomalyList" and "Anomaly" properties, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
Affected Products Symantec Norton AntiVirus 2006 Norton Internet Security Anti Spyware Edition 2005 Symantec Norton Internet Security 2006 Symantec Norton SystemWorks 2006 Solution Patches are available via LiveUpdate in Interactive Mode. References <http://www.frsirt.com/english/advisories/2007/2822> http://www.frsirt.com/english/advisories/2007/2822 <http://www.frsirt.com/english/reference-2007-2822-1.php> http://securityresponse.symantec.com/avcenter/security/Content/2007.08.09.ht ml <http://www.frsirt.com/english/reference-2007-2822-2.php> http://secunia.com/secunia_research/2007-53/advisory
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
