Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/04/2008 Updated: 08/08/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The ActiveDataInfo.LaunchProcess method in the SymAData.ActiveDataInfo.1 ActiveX control 2.7.0.1 in SYMADATA.DLL in multiple Symantec Norton products including Norton 360 1.0, AntiVirus 2006 through 2008, Internet Security 2006 through 2008, and System Works 2006 through 2008, does not properly determine the location of the AutoFix Tool, which allows remote malicious users to execute arbitrary code via a remote (1) WebDAV or (2) SMB share.

Vulnerable Product	Search on Vulmon	Subscribe to Product
symantec norton internet security 2008
symantec system works 2006
symantec norton 360 1.0
symantec system works 2007
symantec system works 2008
symantec norton antivirus 2006
symantec norton antivirus 2007
symantec norton antivirus 2008
symantec norton internet security 2006
symantec norton internet security 2007

NVD-CWE-Other http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=678 http://securityresponse.symantec.com/avcenter/security/Content/2008.04.02a.html http://www.securityfocus.com/bid/28509 http://www.securitytracker.com/id?1019751 http://www.securitytracker.com/id?1019752 http://www.securitytracker.com/id?1019753 http://secunia.com/advisories/29660 http://www.vupen.com/english/advisories/2008/1077/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41631 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0313

Vulnerability Summary

References

Vulmon Search

About

Products

Connect